DATABASE RESOURCES PRICING ABOUT US

{"id": "CFOUNDRY:C4D1C1686A388941AD439B6E19ADC7F2", "vendorId": null, "type": "cloudfoundry", "bulletinFamily": "software", "title": "USN-4287-1: Linux kernel vulnerabilities | Cloud Foundry", "description": "# \n\n## Severity\n\nMedium\n\n## Vendor\n\nCanonical Ubuntu\n\n## Versions Affected\n\n * Canonical Ubuntu 16.04\n\n## Description\n\nIt was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. (CVE-2019-14615)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15099)\n\nIt was discovered that the HSA Linux kernel driver for AMD GPU devices did not properly check for errors in certain situations, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service. (CVE-2019-16229)\n\nIt was discovered that the Marvell 8xxx Libertas WLAN device driver in the Linux kernel did not properly check for errors in certain situations, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service. (CVE-2019-16232)\n\nIt was discovered that a race condition existed in the Virtual Video Test Driver in the Linux kernel. An attacker with write access to /dev/video0 on a system with the vivid module loaded could possibly use this to gain administrative privileges. (CVE-2019-18683)\n\nIt was discovered that the Renesas Digital Radio Interface (DRIF) driver in the Linux kernel did not properly initialize data. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-18786)\n\nIt was discovered that the Afatech AF9005 DVB-T USB device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-18809)\n\nIt was discovered that the btrfs file system in the Linux kernel did not properly validate metadata, leading to a NULL pointer dereference. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2019-18885)\n\nIt was discovered that multiple memory leaks existed in the Marvell WiFi-Ex Driver for the Linux kernel. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19057)\n\nIt was discovered that the crypto subsystem in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19062)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19063)\n\nIt was discovered that the RSI 91x WLAN device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19071)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19078)\n\nIt was discovered that the AMD GPU device drivers in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to possibly cause a denial of service (kernel memory exhaustion). (CVE-2019-19082)\n\nDan Carpenter discovered that the AppleTalk networking subsystem of the Linux kernel did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-19227)\n\nIt was discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle ioctl requests to get emulated CPUID features. An attacker with access to /dev/kvm could use this to cause a denial of service (system crash). (CVE-2019-19332)\n\nIt was discovered that the ext4 file system implementation in the Linux kernel did not properly handle certain conditions. An attacker could use this to specially craft an ext4 file system that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19767)\n\nGao Chuan discovered that the SAS Class driver in the Linux kernel contained a race condition that could lead to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-19965)\n\nIt was discovered that the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-20096)\n\nMitchell Frank discovered that the Wi-Fi implementation in the Linux kernel when used as an access point would send IAPP location updates for stations before client authentication had completed. A physically proximate attacker could use this to cause a denial of service. (CVE-2019-5108)\n\nIt was discovered that a race condition can lead to a use-after-free while destroying GEM contexts in the i915 driver for the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-7053)\n\nIt was discovered that the B2C2 FlexCop USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15291)\n\nCVEs contained in this USN include: CVE-2019-14615, CVE-2020-7053, CVE-2019-15291, CVE-2019-18683, CVE-2019-18885, CVE-2019-19057, CVE-2019-19062, CVE-2019-19063, CVE-2019-19227, CVE-2019-19332, CVE-2019-15099, CVE-2019-19071, CVE-2019-19078, CVE-2019-19082, CVE-2019-19767, CVE-2019-16229, CVE-2019-16232, CVE-2019-18786, CVE-2019-18809, CVE-2019-19965, CVE-2019-20096, CVE-2019-5108.\n\n## Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Xenial Stemcells \n * 621.x versions prior to 621.59\n * 456.x versions prior to 456.100\n * 315.x versions prior to 315.171\n * 250.x versions prior to 250.185\n * 170.x versions prior to 170.205\n * 97.x versions prior to 97.234\n * All other stemcells not listed.\n\n## Mitigation\n\nUsers of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:\n\n * Xenial Stemcells \n * Upgrade 621.x versions to 621.59 or greater\n * Upgrade 456.x versions to 456.100 or greater\n * Upgrade 315.x versions to 315.171 or greater\n * Upgrade 250.x versions to 250.185 or greater\n * Upgrade 170.x versions to 170.205 or greater\n * Upgrade 97.x versions to 97.234 or greater\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io/stemcells>).\n\n## References\n\n * [USN Notice](<https://usn.ubuntu.com/4287-1/>)\n * [CVE-2019-14615](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14615>)\n * [CVE-2020-7053](<https://people.canonical.com/~ubuntu-security/cve/CVE-2020-7053>)\n * [CVE-2019-15291](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15291>)\n * [CVE-2019-18683](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18683>)\n * [CVE-2019-18885](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18885>)\n * [CVE-2019-19057](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19057>)\n * [CVE-2019-19062](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19062>)\n * [CVE-2019-19063](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19063>)\n * [CVE-2019-19227](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19227>)\n * [CVE-2019-19332](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19332>)\n * [CVE-2019-15099](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15099>)\n * [CVE-2019-19071](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19071>)\n * [CVE-2019-19078](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19078>)\n * [CVE-2019-19082](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19082>)\n * [CVE-2019-19767](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19767>)\n * [CVE-2019-16229](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16229>)\n * [CVE-2019-16232](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16232>)\n * [CVE-2019-18786](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18786>)\n * [CVE-2019-18809](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18809>)\n * [CVE-2019-19965](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19965>)\n * [CVE-2019-20096](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20096>)\n * [CVE-2019-5108](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-5108>)\n\n## History\n\n2020-02-18: Initial vulnerability report published.\n", "published": "2020-03-10T00:00:00", "modified": "2020-03-10T00:00:00", "epss": [{"cve": "CVE-2019-14615", "epss": 0.00087, "percentile": 0.36033, "modified": "2023-06-10"}, {"cve": "CVE-2019-15099", "epss": 0.00583, "percentile": 0.75052, "modified": "2023-06-10"}, {"cve": "CVE-2019-15291", "epss": 0.00123, "percentile": 0.4557, "modified": "2023-06-10"}, {"cve": "CVE-2019-16229", "epss": 0.00045, "percentile": 0.12137, "modified": "2023-06-10"}, {"cve": "CVE-2019-16232", "epss": 0.00063, "percentile": 0.25602, "modified": "2023-06-10"}, {"cve": "CVE-2019-18683", "epss": 0.00044, "percentile": 0.08219, "modified": "2023-06-10"}, {"cve": "CVE-2019-18786", "epss": 0.00047, "percentile": 0.14512, "modified": "2023-06-10"}, {"cve": "CVE-2019-18809", "epss": 0.00259, "percentile": 0.62258, "modified": "2023-06-10"}, {"cve": "CVE-2019-18885", "epss": 0.00098, "percentile": 0.39657, "modified": "2023-06-10"}, {"cve": "CVE-2019-19057", "epss": 0.00049, "percentile": 0.15367, "modified": "2023-06-10"}, {"cve": "CVE-2019-19062", "epss": 0.00046, "percentile": 0.14112, "modified": "2023-06-10"}, {"cve": "CVE-2019-19063", "epss": 0.00118, "percentile": 0.44596, "modified": "2023-06-10"}, {"cve": "CVE-2019-19071", "epss": 0.00637, "percentile": 0.76173, "modified": "2023-06-10"}, {"cve": "CVE-2019-19078", "epss": 0.00696, "percentile": 0.77449, "modified": "2023-06-10"}, {"cve": "CVE-2019-19082", "epss": 0.00045, "percentile": 0.12137, "modified": "2023-06-10"}, {"cve": "CVE-2019-19227", "epss": 0.00046, "percentile": 0.1407, "modified": "2023-06-10"}, {"cve": "CVE-2019-19332", "epss": 0.00065, "percentile": 0.26845, "modified": "2023-06-10"}, {"cve": "CVE-2019-19767", "epss": 0.00188, "percentile": 0.54971, "modified": "2023-06-10"}, {"cve": "CVE-2019-19965", "epss": 0.00063, "percentile": 0.25602, "modified": "2023-06-10"}, {"cve": "CVE-2019-20096", "epss": 0.00045, "percentile": 0.12333, "modified": "2023-06-10"}, {"cve": "CVE-2019-5108", "epss": 0.00119, "percentile": 0.44942, "modified": "2023-06-10"}, {"cve": "CVE-2020-7053", "epss": 0.00045, "percentile": 0.12142, "modified": "2023-06-06"}], "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "href": "https://www.cloudfoundry.org/blog/usn-4287-1/", "reporter": "Cloud Foundry", "references": [], "cvelist": ["CVE-2019-14615", "CVE-2019-15099", "CVE-2019-15291", "CVE-2019-16229", "CVE-2019-16232", "CVE-2019-18683", "CVE-2019-18786", "CVE-2019-18809", "CVE-2019-18885", "CVE-2019-19057", "CVE-2019-19062", "CVE-2019-19063", "CVE-2019-19071", "CVE-2019-19078", "CVE-2019-19082", "CVE-2019-19227", "CVE-2019-19332", "CVE-2019-19767", "CVE-2019-19965", "CVE-2019-20096", "CVE-2019-5108", "CVE-2020-7053"], "immutableFields": [], "lastseen": "2023-06-10T16:37:49", "viewCount": 18, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2020:4431"]}, {"type": "amazon", "idList": ["ALAS-2020-1338", "ALAS-2020-1349", "ALAS2-2020-1392", "ALAS2-2020-1399"]}, {"type": "androidsecurity", "idList": ["ANDROID:2020-06-01", "ANDROID:2020-09-01"]}, {"type": "apple", "idList": ["APPLE:CF9C08BD8DDC6A4A1E0D3912347422D3", "APPLE:HT211100"]}, {"type": "avleonov", "idList": ["AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987"]}, {"type": "centos", "idList": ["CESA-2020:1016", "CESA-2020:4060", "CESA-2021:0856"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:1F5DBB3C3CBCE17DE26C796E1F59B3C4", "CFOUNDRY:A6BB54E614972BC1F16419D7DB82331A"]}, {"type": "cloudlinux", "idList": ["CLSA-2022:1650576075"]}, {"type": "cve", "idList": ["CVE-2019-14615", "CVE-2019-15099", "CVE-2019-15291", "CVE-2019-16229", "CVE-2019-16232", "CVE-2019-18683", "CVE-2019-18786", "CVE-2019-18809", "CVE-2019-18885", "CVE-2019-19057", "CVE-2019-19062", "CVE-2019-19063", "CVE-2019-19071", "CVE-2019-19078", "CVE-2019-19082", "CVE-2019-19227", "CVE-2019-19332", "CVE-2019-19767", "CVE-2019-19965", "CVE-2019-20096", "CVE-2019-5108", "CVE-2020-7053", "CVE-2020-8832"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2068-1:83234", "DEBIAN:DLA-2114-1:93D37", "DEBIAN:DLA-2241-1:DE3AB", "DEBIAN:DLA-2241-2:3E557", "DEBIAN:DLA-2242-1:573AF", "DEBIAN:DLA-2323-1:C146F", "DEBIAN:DSA-4698-1:66813", "DEBIAN:DSA-4698-1:E1A7D"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-14615", "DEBIANCVE:CVE-2019-15099", "DEBIANCVE:CVE-2019-15291", "DEBIANCVE:CVE-2019-16229", "DEBIANCVE:CVE-2019-16232", "DEBIANCVE:CVE-2019-18683", "DEBIANCVE:CVE-2019-18786", "DEBIANCVE:CVE-2019-18809", "DEBIANCVE:CVE-2019-18885", "DEBIANCVE:CVE-2019-19057", "DEBIANCVE:CVE-2019-19062", "DEBIANCVE:CVE-2019-19063", "DEBIANCVE:CVE-2019-19071", "DEBIANCVE:CVE-2019-19078", "DEBIANCVE:CVE-2019-19082", "DEBIANCVE:CVE-2019-19227", "DEBIANCVE:CVE-2019-19332", "DEBIANCVE:CVE-2019-19767", "DEBIANCVE:CVE-2019-19965", "DEBIANCVE:CVE-2019-20096", "DEBIANCVE:CVE-2019-5108", "DEBIANCVE:CVE-2020-7053", "DEBIANCVE:CVE-2020-8832"]}, {"type": "f5", "idList": ["F5:K00384005", "F5:K18129121", "F5:K22526232", "F5:K28135205", "F5:K30046854", "F5:K33535454", "F5:K52125441", "F5:K76295179", "F5:K84797753", "F5:K88125023", "F5:K92969318"]}, {"type": "fedora", "idList": ["FEDORA:224AE608F491", "FEDORA:267796076024", "FEDORA:371E06040B12", "FEDORA:4002B609954A", "FEDORA:51B856067EB8", "FEDORA:59E3F606D998", "FEDORA:5BC786077CC2", "FEDORA:628EB603ECD0", "FEDORA:803AE30C6416", "FEDORA:8FEA960A4096", "FEDORA:94BC060A4ECF", "FEDORA:BF5EC607125E", "FEDORA:C63656040AE1", "FEDORA:CB0956087865", "FEDORA:EC9F26076D31"]}, {"type": "freebsd", "idList": ["D2C2C815-3793-11EA-8BE3-54E1AD3D6335"]}, {"type": "githubexploit", "idList": ["27D2D5B1-EEDA-50EF-A982-E805D9958998", "A435389F-9C9F-5CEA-8255-C23422F533AB"]}, {"type": "hp", "idList": ["HP:C06561734"]}, {"type": "ibm", "idList": ["1879325E67264056B58E8AD7F16855960BE3D80A459CF04AA2C576744065C438", "3D1FD9B5927004B8B7B1CB77FE467A67DED4E5A078A791448C81D1500BA2A09E", "65AC1B828E41A5505E1A8E4F6E7E2E7A2BE86DE58C539C97379A40C7ED8BBD9F", "7BEBE6C769A16D13746B813CF456C36F85AE1B1A1CBD26E71A53BD6E5B34E2F4", "8B24753FF8758BF51E7C6001AC39E0EF90B14323A9756CCEF8AC68E99EF03367", "B599429672D35F0898136CCC25113D8FA5E242634C8CEB73C87851525F0DA4BB", "B68653AE8B3B701FAB183C54D344C9C2EE03602A2C7365EC7CF172320BA1AA2E", "DE367A059D35C909557795AD50F02620921B5CC13CC7F375C7C2F83A009A984C", "F0AFFAB5446BEF6A6B346CA7237A1583252E55B1EA002352E7DFDFFB5796363C", "F0B9B56079F884F041664405C90E1EA3DD557A7DC4ACA69220B7A78B68F6A1BD"]}, {"type": "intel", "idList": ["INTEL:INTEL-SA-00314"]}, {"type": "kitploit", "idList": ["KITPLOIT:1463882138321251213"]}, {"type": "lenovo", "idList": ["LENOVO:PS500302-INTEL-PROCESSOR-GRAPHICS-VULNERABILITY-NOSID", "LENOVO:PS500302-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2019-0388", "MGASA-2020-0041", "MGASA-2020-0089"]}, {"type": "nessus", "idList": ["AL2_ALAS-2020-1392.NASL", "AL2_ALAS-2020-1399.NASL", "ALA_ALAS-2020-1338.NASL", "ALA_ALAS-2020-1349.NASL", "ALMA_LINUX_ALSA-2020-4431.NASL", "ALMA_LINUX_ALSA-2021-4356.NASL", "CENTOS8_RHSA-2020-1769.NASL", "CENTOS8_RHSA-2020-4431.NASL", "CENTOS8_RHSA-2021-4140.NASL", "CENTOS8_RHSA-2021-4356.NASL", "CENTOS_RHSA-2020-4060.NASL", "CENTOS_RHSA-2021-0856.NASL", "DEBIAN_DLA-2068.NASL", "DEBIAN_DLA-2114.NASL", "DEBIAN_DLA-2241.NASL", "DEBIAN_DLA-2242.NASL", "DEBIAN_DLA-2323.NASL", "DEBIAN_DSA-4698.NASL", "EULEROS_SA-2019-2106.NASL", "EULEROS_SA-2019-2201.NASL", "EULEROS_SA-2019-2283.NASL", "EULEROS_SA-2019-2309.NASL", "EULEROS_SA-2019-2353.NASL", "EULEROS_SA-2019-2531.NASL", "EULEROS_SA-2019-2693.NASL", "EULEROS_SA-2020-1012.NASL", "EULEROS_SA-2020-1042.NASL", "EULEROS_SA-2020-1112.NASL", "EULEROS_SA-2020-1158.NASL", "EULEROS_SA-2020-1197.NASL", "EULEROS_SA-2020-1269.NASL", "EULEROS_SA-2020-1308.NASL", "EULEROS_SA-2020-1342.NASL", "EULEROS_SA-2020-1396.NASL", "EULEROS_SA-2020-1452.NASL", "EULEROS_SA-2020-1536.NASL", "EULEROS_SA-2020-1674.NASL", "EULEROS_SA-2020-2222.NASL", "EULEROS_SA-2021-1056.NASL", "EULEROS_SA-2021-2040.NASL", "EULEROS_SA-2021-2140.NASL", "FEDORA_2019-021C968423.NASL", "FEDORA_2019-124A241044.NASL", "FEDORA_2019-34A75D7E61.NASL", "FEDORA_2019-39E97683E8.NASL", "FEDORA_2019-8846A1A5A2.NASL", "FEDORA_2019-91F6E7BB71.NASL", "FEDORA_2019-B86A7BDBA0.NASL", "FREEBSD_PKG_D2C2C815379311EA8BE354E1AD3D6335.NASL", "MACOS_HT211100.NASL", "NEWSTART_CGSL_NS-SA-2021-0025_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0078_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0098_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0126_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0169_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2022-0026_KERNEL.NASL", "NUTANIX_NXSA-AOS-5_15_5.NASL", "NUTANIX_NXSA-AOS-5_15_5_5.NASL", "NUTANIX_NXSA-AOS-5_15_6.NASL", "NUTANIX_NXSA-AOS-5_15_7.NASL", "NUTANIX_NXSA-AOS-5_19_0_5.NASL", "NUTANIX_NXSA-AOS-5_19_1.NASL", "NUTANIX_NXSA-AOS-5_20.NASL", "NUTANIX_NXSA-AOS-6_0.NASL", "NUTANIX_NXSA-AOS-6_1.NASL", "OPENSUSE-2019-2181.NASL", "OPENSUSE-2019-2307.NASL", "OPENSUSE-2019-2308.NASL", "OPENSUSE-2019-2392.NASL", "OPENSUSE-2019-2444.NASL", "OPENSUSE-2019-2675.NASL", "OPENSUSE-2020-336.NASL", "ORACLELINUX_ELSA-2020-5528.NASL", "ORACLELINUX_ELSA-2020-5533.NASL", "ORACLELINUX_ELSA-2020-5535.NASL", "ORACLELINUX_ELSA-2020-5541.NASL", "ORACLELINUX_ELSA-2020-5559.NASL", "ORACLELINUX_ELSA-2020-5560.NASL", "ORACLELINUX_ELSA-2020-5569.NASL", "ORACLELINUX_ELSA-2020-5649.NASL", "ORACLELINUX_ELSA-2020-5676.NASL", "ORACLELINUX_ELSA-2020-5708.NASL", "ORACLELINUX_ELSA-2020-5715.NASL", "ORACLELINUX_ELSA-2020-5802.NASL", "ORACLELINUX_ELSA-2020-5804.NASL", "ORACLELINUX_ELSA-2020-5837.NASL", "ORACLELINUX_ELSA-2020-5844.NASL", "ORACLELINUX_ELSA-2020-5845.NASL", "ORACLELINUX_ELSA-2020-5866.NASL", "ORACLELINUX_ELSA-2020-5879.NASL", "ORACLELINUX_ELSA-2020-5885.NASL", "ORACLELINUX_ELSA-2021-0856.NASL", "ORACLELINUX_ELSA-2021-9473.NASL", "ORACLEVM_OVMSA-2020-0020.NASL", "ORACLEVM_OVMSA-2020-0041.NASL", "ORACLEVM_OVMSA-2020-0044.NASL", "ORACLEVM_OVMSA-2021-0035.NASL", "PHOTONOS_PHSA-2019-3_0-0046_LINUX.NASL", "PHOTONOS_PHSA-2020-1_0-0295_LINUX.NASL", "PHOTONOS_PHSA-2020-2_0-0245_LINUX.NASL", "PHOTONOS_PHSA-2020-3_0-0052_LINUX.NASL", "REDHAT-RHSA-2020-1016.NASL", "REDHAT-RHSA-2020-1493.NASL", "REDHAT-RHSA-2020-1567.NASL", "REDHAT-RHSA-2020-1769.NASL", "REDHAT-RHSA-2020-2854.NASL", "REDHAT-RHSA-2020-4060.NASL", "REDHAT-RHSA-2020-4062.NASL", "REDHAT-RHSA-2020-4431.NASL", "REDHAT-RHSA-2020-4609.NASL", "REDHAT-RHSA-2021-0856.NASL", "REDHAT-RHSA-2021-0857.NASL", "REDHAT-RHSA-2021-4140.NASL", "REDHAT-RHSA-2021-4356.NASL", "SLACKWARE_SSA_2020-008-01.NASL", "SLACKWARE_SSA_2020-086-01.NASL", "SLACKWARE_SSA_2021-202-01.NASL", "SL_20201001_KERNEL_ON_SL7_X.NASL", "SUSE_SU-2019-14218-1.NASL", "SUSE_SU-2019-2412-1.NASL", "SUSE_SU-2019-2424-1.NASL", "SUSE_SU-2019-2648-1.NASL", "SUSE_SU-2019-2706-1.NASL", "SUSE_SU-2019-2710-1.NASL", "SUSE_SU-2019-2738-1.NASL", "SUSE_SU-2019-2879-1.NASL", "SUSE_SU-2019-2946-1.NASL", "SUSE_SU-2019-2947-1.NASL", "SUSE_SU-2019-2949-1.NASL", "SUSE_SU-2019-2950-1.NASL", "SUSE_SU-2019-2953-1.NASL", "SUSE_SU-2019-2984-1.NASL", "SUSE_SU-2019-3200-1.NASL", "SUSE_SU-2019-3295-1.NASL", "SUSE_SU-2019-3316-1.NASL", "SUSE_SU-2019-3317-1.NASL", "SUSE_SU-2019-3371-1.NASL", "SUSE_SU-2019-3379-1.NASL", "SUSE_SU-2019-3381-1.NASL", "SUSE_SU-2019-3389-1.NASL", "SUSE_SU-2020-0093-1.NASL", "SUSE_SU-2020-0558-1.NASL", "SUSE_SU-2020-0559-1.NASL", "SUSE_SU-2020-0560-1.NASL", "SUSE_SU-2020-0580-1.NASL", "SUSE_SU-2020-0584-1.NASL", "SUSE_SU-2020-0613-1.NASL", "SUSE_SU-2020-0868-1.NASL", "SUSE_SU-2020-1255-1.NASL", "SUSE_SU-2020-1275-1.NASL", "SUSE_SU-2020-14354-1.NASL", "SUSE_SU-2020-14442-1.NASL", "SUSE_SU-2020-1663-1.NASL", "SUSE_SU-2020-3503-1.NASL", "SUSE_SU-2021-0437-1.NASL", "UBUNTU_USN-4253-1.NASL", "UBUNTU_USN-4253-2.NASL", "UBUNTU_USN-4254-1.NASL", "UBUNTU_USN-4255-1.NASL", "UBUNTU_USN-4255-2.NASL", "UBUNTU_USN-4258-1.NASL", "UBUNTU_USN-4284-1.NASL", "UBUNTU_USN-4285-1.NASL", "UBUNTU_USN-4286-1.NASL", "UBUNTU_USN-4287-1.NASL", "UBUNTU_USN-4300-1.NASL", "UBUNTU_USN-4302-1.NASL", "UBUNTU_USN-4904-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704698", "OPENVAS:1361412562310816724", "OPENVAS:1361412562310844312", "OPENVAS:1361412562310844314", "OPENVAS:1361412562310844316", "OPENVAS:1361412562310844317", "OPENVAS:1361412562310844318", "OPENVAS:1361412562310844319", "OPENVAS:1361412562310844341", "OPENVAS:1361412562310844342", "OPENVAS:1361412562310844343", "OPENVAS:1361412562310844347", "OPENVAS:1361412562310844362", "OPENVAS:1361412562310844364", "OPENVAS:1361412562310852737", "OPENVAS:1361412562310852750", "OPENVAS:1361412562310852855", "OPENVAS:1361412562310852953", "OPENVAS:1361412562310852970", "OPENVAS:1361412562310852971", "OPENVAS:1361412562310853070", "OPENVAS:1361412562310877052", "OPENVAS:1361412562310877058", "OPENVAS:1361412562310877070", "OPENVAS:1361412562310877113", "OPENVAS:1361412562310877132", "OPENVAS:1361412562310877136", "OPENVAS:1361412562310877209", "OPENVAS:1361412562310877358", "OPENVAS:1361412562310877370", "OPENVAS:1361412562310877476", "OPENVAS:1361412562310877479", "OPENVAS:1361412562310877533", "OPENVAS:1361412562310877540", "OPENVAS:1361412562310877541", "OPENVAS:1361412562310877952", "OPENVAS:1361412562310892068", "OPENVAS:1361412562310892114", "OPENVAS:1361412562310892241", "OPENVAS:1361412562310892242", "OPENVAS:1361412562311220192106", "OPENVAS:1361412562311220192201", "OPENVAS:1361412562311220192283", "OPENVAS:1361412562311220192309", "OPENVAS:1361412562311220192353", "OPENVAS:1361412562311220192531", "OPENVAS:1361412562311220192693", "OPENVAS:1361412562311220201012", "OPENVAS:1361412562311220201042", "OPENVAS:1361412562311220201112", "OPENVAS:1361412562311220201158", "OPENVAS:1361412562311220201197", "OPENVAS:1361412562311220201269", "OPENVAS:1361412562311220201308", "OPENVAS:1361412562311220201342", "OPENVAS:1361412562311220201396", "OPENVAS:1361412562311220201452", "OPENVAS:1361412562311220201536", "OPENVAS:1361412562311220201674"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2021"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-1769", "ELSA-2020-4060", "ELSA-2020-4431", "ELSA-2020-5528", "ELSA-2020-5533", "ELSA-2020-5535", "ELSA-2020-5541", "ELSA-2020-5559", "ELSA-2020-5560", "ELSA-2020-5569", "ELSA-2020-5649", "ELSA-2020-5676", "ELSA-2020-5708", "ELSA-2020-5715", "ELSA-2020-5802", "ELSA-2020-5804", "ELSA-2020-5837", "ELSA-2020-5844", "ELSA-2020-5845", "ELSA-2020-5866", "ELSA-2020-5879", "ELSA-2020-5885", "ELSA-2021-0856", "ELSA-2021-9473"]}, {"type": "osv", "idList": ["OSV:DLA-2068-1", "OSV:DLA-2114-1", "OSV:DLA-2241-1", "OSV:DLA-2242-1", "OSV:DLA-2323-1", "OSV:DSA-4698-1"]}, {"type": "photon", "idList": ["PHSA-2019-0046", "PHSA-2019-0194", "PHSA-2019-3.0-0046", "PHSA-2020-0052", "PHSA-2020-0093", "PHSA-2020-0212", "PHSA-2020-0219", "PHSA-2020-0244", "PHSA-2020-0245", "PHSA-2020-0266", "PHSA-2020-0274", "PHSA-2020-0279", "PHSA-2020-0295", "PHSA-2020-1.0-0274", "PHSA-2020-1.0-0279", "PHSA-2020-1.0-0295", "PHSA-2020-2.0-0244", "PHSA-2020-2.0-0245", "PHSA-2020-3.0-0052", "PHSA-2020-3.0-0093"]}, {"type": "ptsecurity", "idList": ["PT-2019-05"]}, {"type": "redhat", "idList": ["RHSA-2020:1016", "RHSA-2020:1493", "RHSA-2020:1567", "RHSA-2020:1769", "RHSA-2020:2854", "RHSA-2020:4060", "RHSA-2020:4062", "RHSA-2020:4431", "RHSA-2020:4609", "RHSA-2020:5633", "RHSA-2020:5635", "RHSA-2021:0856", "RHSA-2021:0857", "RHSA-2021:1129", "RHSA-2021:4140", "RHSA-2021:4356", "RHSA-2021:4627", "RHSA-2021:5137"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-14615", "RH:CVE-2019-15099", "RH:CVE-2019-15291", "RH:CVE-2019-16229", "RH:CVE-2019-16232", "RH:CVE-2019-18683", "RH:CVE-2019-18786", "RH:CVE-2019-18809", "RH:CVE-2019-18885", "RH:CVE-2019-19057", "RH:CVE-2019-19062", "RH:CVE-2019-19063", "RH:CVE-2019-19071", "RH:CVE-2019-19078", "RH:CVE-2019-19082", "RH:CVE-2019-19227", "RH:CVE-2019-19332", "RH:CVE-2019-19767", "RH:CVE-2019-19965", "RH:CVE-2019-20096", "RH:CVE-2019-5108", "RH:CVE-2020-7053", "RH:CVE-2020-8832"]}, {"type": "slackware", "idList": ["SSA-2020-008-01", "SSA-2020-086-01", "SSA-2021-202-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2181-1", "OPENSUSE-SU-2019:2307-1", "OPENSUSE-SU-2019:2308-1", "OPENSUSE-SU-2019:2392-1", "OPENSUSE-SU-2019:2444-1", "OPENSUSE-SU-2019:2675-1", "OPENSUSE-SU-2020:0336-1"]}, {"type": "symantec", "idList": ["SMNTC-110883", "SMNTC-110895", "SMNTC-110961", "SMNTC-111210", "SMNTC-111286", "SMNTC-111315", "SMNTC-111398"]}, {"type": "talos", "idList": ["TALOS-2019-0849", "TALOS-2019-0900"]}, {"type": "talosblog", "idList": ["TALOSBLOG:3408EA53C759FF775E8D772720035A70"]}, {"type": "threatpost", "idList": ["THREATPOST:3F81254E133ABD9AE724F95349C0040A", "THREATPOST:E8A45942B4C8BC03FF0C464DB57C713C"]}, {"type": "ubuntu", "idList": ["USN-4253-1", "USN-4253-2", "USN-4254-1", "USN-4254-2", "USN-4255-1", "USN-4255-2", "USN-4258-1", "USN-4284-1", "USN-4285-1", "USN-4286-1", "USN-4286-2", "USN-4287-1", "USN-4287-2", "USN-4300-1", "USN-4302-1", "USN-4904-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-14615", "UB:CVE-2019-15099", "UB:CVE-2019-15291", "UB:CVE-2019-16229", "UB:CVE-2019-16230", "UB:CVE-2019-16232", "UB:CVE-2019-18683", "UB:CVE-2019-18786", "UB:CVE-2019-18809", "UB:CVE-2019-18885", "UB:CVE-2019-19057", "UB:CVE-2019-19062", "UB:CVE-2019-19063", "UB:CVE-2019-19071", "UB:CVE-2019-19078", "UB:CVE-2019-19082", "UB:CVE-2019-19227", "UB:CVE-2019-19332", "UB:CVE-2019-19767", "UB:CVE-2019-19965", "UB:CVE-2019-20096", "UB:CVE-2019-5108", "UB:CVE-2020-7053", "UB:CVE-2020-8832"]}, {"type": "veracode", "idList": ["VERACODE:25103", "VERACODE:27119", "VERACODE:27696", "VERACODE:27754", "VERACODE:27757", "VERACODE:27758", "VERACODE:27762", "VERACODE:27768", "VERACODE:29331", "VERACODE:32996"]}]}, "score": {"value": 8.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "almalinux", "idList": ["ALSA-2020:4431"]}, {"type": "amazon", "idList": ["ALAS-2020-1338"]}, {"type": "apple", "idList": ["APPLE:CF9C08BD8DDC6A4A1E0D3912347422D3", "APPLE:HT211100"]}, {"type": "centos", "idList": ["CESA-2020:4060"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:1F5DBB3C3CBCE17DE26C796E1F59B3C4", "CFOUNDRY:A6BB54E614972BC1F16419D7DB82331A"]}, {"type": "cve", "idList": ["CVE-2019-14615", "CVE-2019-15099", "CVE-2019-15291", "CVE-2019-16229", "CVE-2019-16232", "CVE-2019-18683", "CVE-2019-18786", "CVE-2019-19332", "CVE-2020-7053"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2068-1:83234", "DEBIAN:DLA-2242-1:573AF", "DEBIAN:DSA-4698-1:66813"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-14615", "DEBIANCVE:CVE-2019-15099", "DEBIANCVE:CVE-2019-15291", "DEBIANCVE:CVE-2019-16229", "DEBIANCVE:CVE-2019-16232", "DEBIANCVE:CVE-2019-18683", "DEBIANCVE:CVE-2019-18786", "DEBIANCVE:CVE-2019-18809", "DEBIANCVE:CVE-2019-18885", "DEBIANCVE:CVE-2019-19057", "DEBIANCVE:CVE-2019-19062", "DEBIANCVE:CVE-2019-19063", "DEBIANCVE:CVE-2019-19071", "DEBIANCVE:CVE-2019-19078", "DEBIANCVE:CVE-2019-19082", "DEBIANCVE:CVE-2019-19227", "DEBIANCVE:CVE-2019-19332", "DEBIANCVE:CVE-2019-19767", "DEBIANCVE:CVE-2019-19965", "DEBIANCVE:CVE-2019-20096", "DEBIANCVE:CVE-2019-5108", "DEBIANCVE:CVE-2020-7053"]}, {"type": "f5", "idList": ["F5:K22526232", "F5:K28135205", "F5:K52125441", "F5:K76295179", "F5:K92969318"]}, {"type": "fedora", "idList": ["FEDORA:224AE608F491", "FEDORA:267796076024", "FEDORA:371E06040B12", "FEDORA:4002B609954A", "FEDORA:51B856067EB8", "FEDORA:59E3F606D998", "FEDORA:5BC786077CC2", "FEDORA:628EB603ECD0", "FEDORA:803AE30C6416", "FEDORA:8FEA960A4096", "FEDORA:94BC060A4ECF", "FEDORA:BF5EC607125E", "FEDORA:C63656040AE1", "FEDORA:CB0956087865", "FEDORA:EC9F26076D31"]}, {"type": "freebsd", "idList": ["D2C2C815-3793-11EA-8BE3-54E1AD3D6335"]}, {"type": "githubexploit", "idList": ["27D2D5B1-EEDA-50EF-A982-E805D9958998", "A435389F-9C9F-5CEA-8255-C23422F533AB"]}, {"type": "hp", "idList": ["HP:C06561734"]}, {"type": "ibm", "idList": ["7BEBE6C769A16D13746B813CF456C36F85AE1B1A1CBD26E71A53BD6E5B34E2F4"]}, {"type": "kitploit", "idList": ["KITPLOIT:1463882138321251213"]}, {"type": "lenovo", "idList": ["LENOVO:PS500302-NOSID"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/APPLE-OSX-INTELGRAPHICSDRIVER-CVE-2019-14615/", "MSF:ILITIES/DEBIAN-CVE-2019-14615/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP2-CVE-2019-20096/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP3-CVE-2019-20096/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP5-CVE-2019-14615/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP8-CVE-2019-20096/", "MSF:ILITIES/ORACLE_LINUX-CVE-2020-10742/"]}, {"type": "nessus", "idList": ["AL2_ALAS-2020-1392.NASL", "ALA_ALAS-2020-1338.NASL", "DEBIAN_DLA-2068.NASL", "EULEROS_SA-2020-1012.NASL", "EULEROS_SA-2020-1042.NASL", "EULEROS_SA-2020-1536.NASL", "FREEBSD_PKG_D2C2C815379311EA8BE354E1AD3D6335.NASL", "OPENSUSE-2019-2181.NASL", "OPENSUSE-2019-2307.NASL", "OPENSUSE-2019-2308.NASL", "OPENSUSE-2019-2392.NASL", "ORACLELINUX_ELSA-2020-5528.NASL", "ORACLELINUX_ELSA-2020-5533.NASL", "ORACLELINUX_ELSA-2020-5535.NASL", "ORACLELINUX_ELSA-2020-5676.NASL", "ORACLELINUX_ELSA-2020-5708.NASL", "ORACLELINUX_ELSA-2020-5715.NASL", "ORACLEVM_OVMSA-2020-0020.NASL", "PHOTONOS_PHSA-2019-3_0-0046_LINUX.NASL", "PHOTONOS_PHSA-2020-1_0-0295_LINUX.NASL", "PHOTONOS_PHSA-2020-2_0-0245_LINUX.NASL", "PHOTONOS_PHSA-2020-3_0-0052_LINUX.NASL", "REDHAT-RHSA-2020-1567.NASL", "REDHAT-RHSA-2020-1769.NASL", "SLACKWARE_SSA_2020-008-01.NASL", "SUSE_SU-2019-2412-1.NASL", "SUSE_SU-2019-2424-1.NASL", "SUSE_SU-2019-2648-1.NASL", "SUSE_SU-2019-2706-1.NASL", "SUSE_SU-2019-2710-1.NASL", "SUSE_SU-2019-2738-1.NASL", "SUSE_SU-2019-2879-1.NASL", "SUSE_SU-2020-0093-1.NASL", "SUSE_SU-2020-1255-1.NASL", "SUSE_SU-2020-1275-1.NASL", "UBUNTU_USN-4253-1.NASL", "UBUNTU_USN-4253-2.NASL", "UBUNTU_USN-4254-1.NASL", "UBUNTU_USN-4255-1.NASL", "UBUNTU_USN-4255-2.NASL", "UBUNTU_USN-4258-1.NASL", "UBUNTU_USN-4904-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310844312", "OPENVAS:1361412562310844314", "OPENVAS:1361412562310844316", "OPENVAS:1361412562310844317", "OPENVAS:1361412562310844318", "OPENVAS:1361412562310844319", "OPENVAS:1361412562310852737", "OPENVAS:1361412562310852750", "OPENVAS:1361412562310852855", "OPENVAS:1361412562310852953", "OPENVAS:1361412562310852970", "OPENVAS:1361412562310852971", "OPENVAS:1361412562310877113", "OPENVAS:1361412562310877132", "OPENVAS:1361412562310877136", "OPENVAS:1361412562310877209", "OPENVAS:1361412562310877358", "OPENVAS:1361412562310877370", "OPENVAS:1361412562310892068", "OPENVAS:1361412562311220192106", "OPENVAS:1361412562311220192201", "OPENVAS:1361412562311220192283", "OPENVAS:1361412562311220192309", "OPENVAS:1361412562311220201012", "OPENVAS:1361412562311220201042", "OPENVAS:1361412562311220201536"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-1769", "ELSA-2020-4431", "ELSA-2020-5528", "ELSA-2020-5535", "ELSA-2020-5708", "ELSA-2020-5715"]}, {"type": "photon", "idList": ["PHSA-2019-3.0-0046", "PHSA-2020-1.0-0274", "PHSA-2020-1.0-0279", "PHSA-2020-1.0-0295", "PHSA-2020-2.0-0244", "PHSA-2020-2.0-0245", "PHSA-2020-3.0-0052", "PHSA-2020-3.0-0093"]}, {"type": "ptsecurity", "idList": ["PT-2019-05"]}, {"type": "redhat", "idList": ["RHSA-2021:1129"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-15291", "RH:CVE-2019-16232", "RH:CVE-2019-18683", "RH:CVE-2019-18786", "RH:CVE-2019-18885", "RH:CVE-2019-19057", "RH:CVE-2019-19071", "RH:CVE-2019-19078", "RH:CVE-2019-19227", "RH:CVE-2019-19332", "RH:CVE-2019-19767", "RH:CVE-2019-20096"]}, {"type": "slackware", "idList": ["SSA-2020-008-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2181-1", "OPENSUSE-SU-2019:2307-1", "OPENSUSE-SU-2019:2308-1", "OPENSUSE-SU-2019:2444-1"]}, {"type": "symantec", "idList": ["SMNTC-110895"]}, {"type": "talos", "idList": ["TALOS-2019-0900"]}, {"type": "threatpost", "idList": ["THREATPOST:E8A45942B4C8BC03FF0C464DB57C713C"]}, {"type": "ubuntu", "idList": ["USN-4253-1", "USN-4253-2", "USN-4254-1", "USN-4254-2", "USN-4255-1", "USN-4255-2", "USN-4258-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-14615", "UB:CVE-2019-15099", "UB:CVE-2019-15291", "UB:CVE-2019-16229", "UB:CVE-2019-16232", "UB:CVE-2019-18683", "UB:CVE-2019-18786", "UB:CVE-2019-18809", "UB:CVE-2019-18885", "UB:CVE-2019-19057", "UB:CVE-2019-19062", "UB:CVE-2019-19063", "UB:CVE-2019-19071", "UB:CVE-2019-19078", "UB:CVE-2019-19082", "UB:CVE-2019-19227", "UB:CVE-2019-19332", "UB:CVE-2019-19767", "UB:CVE-2019-19965", "UB:CVE-2019-20096", "UB:CVE-2020-7053"]}]}, "exploitation": null, "affected_software": {"major_version": [{"name": "xenial stemcells", "version": 621}, {"name": "xenial stemcells", "version": 456}, {"name": "xenial stemcells", "version": 315}, {"name": "xenial stemcells", "version": 250}, {"name": "xenial stemcells", "version": 170}, {"name": "xenial stemcells", "version": 97}]}, "epss": [{"cve": "CVE-2019-14615", "epss": 0.00087, "percentile": 0.35957, "modified": "2023-05-06"}, {"cve": "CVE-2019-15099", "epss": 0.00854, "percentile": 0.79864, "modified": "2023-05-06"}, {"cve": "CVE-2019-15291", "epss": 0.00123, "percentile": 0.45307, "modified": "2023-05-06"}, {"cve": "CVE-2019-16229", "epss": 0.00045, "percentile": 0.1211, "modified": "2023-05-06"}, {"cve": "CVE-2019-16232", "epss": 0.00063, "percentile": 0.2547, "modified": "2023-05-06"}, {"cve": "CVE-2019-18683", "epss": 0.00044, "percentile": 0.08252, "modified": "2023-05-06"}, {"cve": "CVE-2019-18786", "epss": 0.00047, "percentile": 0.14454, "modified": "2023-05-06"}, {"cve": "CVE-2019-18809", "epss": 0.00259, "percentile": 0.62118, "modified": "2023-05-06"}, {"cve": "CVE-2019-18885", "epss": 0.00098, "percentile": 0.39497, "modified": "2023-05-06"}, {"cve": "CVE-2019-19057", "epss": 0.00049, "percentile": 0.15309, "modified": "2023-05-06"}, {"cve": "CVE-2019-19062", "epss": 0.00046, "percentile": 0.1406, "modified": "2023-05-06"}, {"cve": "CVE-2019-19063", "epss": 0.00138, "percentile": 0.47955, "modified": "2023-05-06"}, {"cve": "CVE-2019-19071", "epss": 0.0066, "percentile": 0.76599, "modified": "2023-05-06"}, {"cve": "CVE-2019-19078", "epss": 0.00721, "percentile": 0.77798, "modified": "2023-05-06"}, {"cve": "CVE-2019-19082", "epss": 0.00045, "percentile": 0.1211, "modified": "2023-05-06"}, {"cve": "CVE-2019-19227", "epss": 0.00046, "percentile": 0.14019, "modified": "2023-05-06"}, {"cve": "CVE-2019-19332", "epss": 0.00065, "percentile": 0.2671, "modified": "2023-05-06"}, {"cve": "CVE-2019-19767", "epss": 0.00188, "percentile": 0.54776, "modified": "2023-05-06"}, {"cve": "CVE-2019-19965", "epss": 0.00063, "percentile": 0.2547, "modified": "2023-05-06"}, {"cve": "CVE-2019-20096", "epss": 0.00045, "percentile": 0.12286, "modified": "2023-05-06"}, {"cve": "CVE-2019-5108", "epss": 0.00119, "percentile": 0.44688, "modified": "2023-05-06"}, {"cve": "CVE-2020-7053", "epss": 0.00045, "percentile": 0.1211, "modified": "2023-05-06"}], "vulnersScore": 8.1}, "_state": {"dependencies": 1686416527, "score": 1686415348, "affected_software_major_version": 0, "epss": 0}, "_internal": {"score_hash": "51944825ad95231cd9fcfeb2afac9617"}, "affectedSoftware": [{"version": "621.59", "operator": "lt", "name": "xenial stemcells"}, {"version": "456.100", "operator": "lt", "name": "xenial stemcells"}, {"version": "315.171", "operator": "lt", "name": "xenial stemcells"}, {"version": "250.185", "operator": "lt", "name": "xenial stemcells"}, {"version": "170.205", "operator": "lt", "name": "xenial stemcells"}, {"version": "97.234", "operator": "lt", "name": "xenial stemcells"}]}

{"nessus": [{"lastseen": "2023-05-18T14:56:53", "description": "It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15099)\n\nIt was discovered that the HSA Linux kernel driver for AMD GPU devices did not properly check for errors in certain situations, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service. (CVE-2019-16229)\n\nIt was discovered that the Marvell 8xxx Libertas WLAN device driver in the Linux kernel did not properly check for errors in certain situations, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service. (CVE-2019-16232)\n\nIt was discovered that a race condition existed in the Virtual Video Test Driver in the Linux kernel. An attacker with write access to /dev/video0 on a system with the vivid module loaded could possibly use this to gain administrative privileges. (CVE-2019-18683)\n\nIt was discovered that the Renesas Digital Radio Interface (DRIF) driver in the Linux kernel did not properly initialize data. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-18786)\n\nIt was discovered that the Afatech AF9005 DVB-T USB device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-18809)\n\nIt was discovered that the btrfs file system in the Linux kernel did not properly validate metadata, leading to a NULL pointer dereference.\nAn attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash).\n(CVE-2019-18885)\n\nIt was discovered that multiple memory leaks existed in the Marvell WiFi-Ex Driver for the Linux kernel. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion).\n(CVE-2019-19057)\n\nIt was discovered that the crypto subsystem in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19062)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19063)\n\nIt was discovered that the RSI 91x WLAN device driver in the Linux kernel did not properly deallocate memory in certain error conditions.\nA local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19071)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19078)\n\nIt was discovered that the AMD GPU device drivers in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to possibly cause a denial of service (kernel memory exhaustion). (CVE-2019-19082)\n\nDan Carpenter discovered that the AppleTalk networking subsystem of the Linux kernel did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-19227)\n\nIt was discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle ioctl requests to get emulated CPUID features. An attacker with access to /dev/kvm could use this to cause a denial of service (system crash). (CVE-2019-19332)\n\nIt was discovered that the ext4 file system implementation in the Linux kernel did not properly handle certain conditions. An attacker could use this to specially craft an ext4 file system that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19767)\n\nGao Chuan discovered that the SAS Class driver in the Linux kernel contained a race condition that could lead to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-19965)\n\nIt was discovered that the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-20096)\n\nMitchell Frank discovered that the Wi-Fi implementation in the Linux kernel when used as an access point would send IAPP location updates for stations before client authentication had completed. A physically proximate attacker could use this to cause a denial of service.\n(CVE-2019-5108)\n\nIt was discovered that a race condition can lead to a use-after-free while destroying GEM contexts in the i915 driver for the Linux kernel.\nA local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-7053)\n\nIt was discovered that the B2C2 FlexCop USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15291).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-02-19T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4287-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14615", "CVE-2019-15099", "CVE-2019-15291", "CVE-2019-16229", "CVE-2019-16232", "CVE-2019-18683", "CVE-2019-18786", "CVE-2019-18809", "CVE-2019-18885", "CVE-2019-19057", "CVE-2019-19062", "CVE-2019-19063", "CVE-2019-19071", "CVE-2019-19078", "CVE-2019-19082", "CVE-2019-19227", "CVE-2019-19332", "CVE-2019-19767", "CVE-2019-19965", "CVE-2019-20096", "CVE-2019-5108", "CVE-2020-7053"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-4.15", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-4287-1.NASL", "href": "https://www.tenable.com/plugins/nessus/133800", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4287-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133800);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-14615\", \"CVE-2019-15099\", \"CVE-2019-15291\", \"CVE-2019-16229\", \"CVE-2019-16232\", \"CVE-2019-18683\", \"CVE-2019-18786\", \"CVE-2019-18809\", \"CVE-2019-18885\", \"CVE-2019-19057\", \"CVE-2019-19062\", \"CVE-2019-19063\", \"CVE-2019-19071\", \"CVE-2019-19078\", \"CVE-2019-19082\", \"CVE-2019-19227\", \"CVE-2019-19332\", \"CVE-2019-19767\", \"CVE-2019-19965\", \"CVE-2019-20096\", \"CVE-2019-5108\", \"CVE-2020-7053\");\n script_xref(name:\"USN\", value:\"4287-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4287-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver\nin the Linux kernel did not properly validate device metadata. A\nphysically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-15099)\n\nIt was discovered that the HSA Linux kernel driver for AMD GPU devices\ndid not properly check for errors in certain situations, leading to a\nNULL pointer dereference. A local attacker could possibly use this to\ncause a denial of service. (CVE-2019-16229)\n\nIt was discovered that the Marvell 8xxx Libertas WLAN device driver in\nthe Linux kernel did not properly check for errors in certain\nsituations, leading to a NULL pointer dereference. A local attacker\ncould possibly use this to cause a denial of service. (CVE-2019-16232)\n\nIt was discovered that a race condition existed in the Virtual Video\nTest Driver in the Linux kernel. An attacker with write access to\n/dev/video0 on a system with the vivid module loaded could possibly\nuse this to gain administrative privileges. (CVE-2019-18683)\n\nIt was discovered that the Renesas Digital Radio Interface (DRIF)\ndriver in the Linux kernel did not properly initialize data. A local\nattacker could possibly use this to expose sensitive information\n(kernel memory). (CVE-2019-18786)\n\nIt was discovered that the Afatech AF9005 DVB-T USB device driver in\nthe Linux kernel did not properly deallocate memory in certain error\nconditions. A local attacker could possibly use this to cause a denial\nof service (kernel memory exhaustion). (CVE-2019-18809)\n\nIt was discovered that the btrfs file system in the Linux kernel did\nnot properly validate metadata, leading to a NULL pointer dereference.\nAn attacker could use this to specially craft a file system image\nthat, when mounted, could cause a denial of service (system crash).\n(CVE-2019-18885)\n\nIt was discovered that multiple memory leaks existed in the Marvell\nWiFi-Ex Driver for the Linux kernel. A local attacker could possibly\nuse this to cause a denial of service (kernel memory exhaustion).\n(CVE-2019-19057)\n\nIt was discovered that the crypto subsystem in the Linux kernel did\nnot properly deallocate memory in certain error conditions. A local\nattacker could use this to cause a denial of service (kernel memory\nexhaustion). (CVE-2019-19062)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the\nLinux kernel did not properly deallocate memory in certain error\nconditions. A local attacker could possibly use this to cause a denial\nof service (kernel memory exhaustion). (CVE-2019-19063)\n\nIt was discovered that the RSI 91x WLAN device driver in the Linux\nkernel did not properly deallocate memory in certain error conditions.\nA local attacker could use this to cause a denial of service (kernel\nmemory exhaustion). (CVE-2019-19071)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver\nin the Linux kernel did not properly deallocate memory in certain\nerror conditions. A local attacker could possibly use this to cause a\ndenial of service (kernel memory exhaustion). (CVE-2019-19078)\n\nIt was discovered that the AMD GPU device drivers in the Linux kernel\ndid not properly deallocate memory in certain error conditions. A\nlocal attacker could use this to possibly cause a denial of service\n(kernel memory exhaustion). (CVE-2019-19082)\n\nDan Carpenter discovered that the AppleTalk networking subsystem of\nthe Linux kernel did not properly handle certain error conditions,\nleading to a NULL pointer dereference. A local attacker could use this\nto cause a denial of service (system crash). (CVE-2019-19227)\n\nIt was discovered that the KVM hypervisor implementation in the Linux\nkernel did not properly handle ioctl requests to get emulated CPUID\nfeatures. An attacker with access to /dev/kvm could use this to cause\na denial of service (system crash). (CVE-2019-19332)\n\nIt was discovered that the ext4 file system implementation in the\nLinux kernel did not properly handle certain conditions. An attacker\ncould use this to specially craft an ext4 file system that, when\nmounted, could cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2019-19767)\n\nGao Chuan discovered that the SAS Class driver in the Linux kernel\ncontained a race condition that could lead to a NULL pointer\ndereference. A local attacker could possibly use this to cause a\ndenial of service (system crash). (CVE-2019-19965)\n\nIt was discovered that the Datagram Congestion Control Protocol (DCCP)\nimplementation in the Linux kernel did not properly deallocate memory\nin certain error conditions. An attacker could possibly use this to\ncause a denial of service (kernel memory exhaustion). (CVE-2019-20096)\n\nMitchell Frank discovered that the Wi-Fi implementation in the Linux\nkernel when used as an access point would send IAPP location updates\nfor stations before client authentication had completed. A physically\nproximate attacker could use this to cause a denial of service.\n(CVE-2019-5108)\n\nIt was discovered that a race condition can lead to a use-after-free\nwhile destroying GEM contexts in the i915 driver for the Linux kernel.\nA local attacker could use this to cause a denial of service (system\ncrash) or possibly execute arbitrary code. (CVE-2020-7053)\n\nIt was discovered that the B2C2 FlexCop USB device driver in the Linux\nkernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2019-15291).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4287-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18683\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-4.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-14615\", \"CVE-2019-15099\", \"CVE-2019-15291\", \"CVE-2019-16229\", \"CVE-2019-16232\", \"CVE-2019-18683\", \"CVE-2019-18786\", \"CVE-2019-18809\", \"CVE-2019-18885\", \"CVE-2019-19057\", \"CVE-2019-19062\", \"CVE-2019-19063\", \"CVE-2019-19071\", \"CVE-2019-19078\", \"CVE-2019-19082\", \"CVE-2019-19227\", \"CVE-2019-19332\", \"CVE-2019-19767\", \"CVE-2019-19965\", \"CVE-2019-20096\", \"CVE-2019-5108\", \"CVE-2020-7053\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4287-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-1033-oracle\", pkgver:\"4.15.0-1033.36~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-1055-gcp\", pkgver:\"4.15.0-1055.59\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-1060-aws\", pkgver:\"4.15.0-1060.62~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-1071-azure\", pkgver:\"4.15.0-1071.76\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-88-generic\", pkgver:\"4.15.0-88.88~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-88-generic-lpae\", pkgver:\"4.15.0-88.88~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-88-lowlatency\", pkgver:\"4.15.0-88.88~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws-hwe\", pkgver:\"4.15.0.1060.60\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-azure\", pkgver:\"4.15.0.1071.74\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-gcp\", pkgver:\"4.15.0.1055.69\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-hwe-16.04\", pkgver:\"4.15.0.88.98\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae-hwe-16.04\", pkgver:\"4.15.0.88.98\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-gke\", pkgver:\"4.15.0.1055.69\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency-hwe-16.04\", pkgver:\"4.15.0.88.98\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-oem\", pkgver:\"4.15.0.88.98\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-oracle\", pkgver:\"4.15.0.1033.26\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-virtual-hwe-16.04\", pkgver:\"4.15.0.88.98\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1033-oracle\", pkgver:\"4.15.0-1033.36\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1052-gke\", pkgver:\"4.15.0-1052.55\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1053-kvm\", pkgver:\"4.15.0-1053.53\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1055-raspi2\", pkgver:\"4.15.0-1055.59\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1060-aws\", pkgver:\"4.15.0-1060.62\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1072-snapdragon\", pkgver:\"4.15.0-1072.79\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-88-generic\", pkgver:\"4.15.0-88.88\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-88-generic-lpae\", pkgver:\"4.15.0-88.88\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-88-lowlatency\", pkgver:\"4.15.0-88.88\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-aws\", pkgver:\"4.15.0.1060.61\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-aws-lts-18.04\", pkgver:\"4.15.0.1060.61\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic\", pkgver:\"4.15.0.88.80\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.15.0.88.80\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gke\", pkgver:\"4.15.0.1052.56\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gke-4.15\", pkgver:\"4.15.0.1052.56\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-kvm\", pkgver:\"4.15.0.1053.53\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.15.0.88.80\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-oracle\", pkgver:\"4.15.0.1033.38\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-oracle-lts-18.04\", pkgver:\"4.15.0.1033.38\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.15.0.1055.53\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"4.15.0.1072.75\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-virtual\", pkgver:\"4.15.0.88.80\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.15-aws / linux-image-4.15-azure / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:55:33", "description": "It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that a race condition existed in the Virtual Video Test Driver in the Linux kernel. An attacker with write access to /dev/video0 on a system with the vivid module loaded could possibly use this to gain administrative privileges. (CVE-2019-18683)\n\nIt was discovered that the btrfs file system in the Linux kernel did not properly validate metadata, leading to a NULL pointer dereference.\nAn attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash).\n(CVE-2019-18885)\n\nIt was discovered that multiple memory leaks existed in the Marvell WiFi-Ex Driver for the Linux kernel. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion).\n(CVE-2019-19057)\n\nIt was discovered that the crypto subsystem in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19062)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19063)\n\nDan Carpenter discovered that the AppleTalk networking subsystem of the Linux kernel did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-19227)\n\nIt was discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle ioctl requests to get emulated CPUID features. An attacker with access to /dev/kvm could use this to cause a denial of service (system crash). (CVE-2019-19332)\n\nIt was discovered that the B2C2 FlexCop USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15291).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-01-28T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4254-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14615", "CVE-2019-15291", "CVE-2019-18683", "CVE-2019-18885", "CVE-2019-19057", "CVE-2019-19062", "CVE-2019-19063", "CVE-2019-19227", "CVE-2019-19332"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-4254-1.NASL", "href": "https://www.tenable.com/plugins/nessus/133293", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4254-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133293);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-14615\", \"CVE-2019-15291\", \"CVE-2019-18683\", \"CVE-2019-18885\", \"CVE-2019-19057\", \"CVE-2019-19062\", \"CVE-2019-19063\", \"CVE-2019-19227\", \"CVE-2019-19332\");\n script_xref(name:\"USN\", value:\"4254-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4254-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that a race condition existed in the Virtual Video\nTest Driver in the Linux kernel. An attacker with write access to\n/dev/video0 on a system with the vivid module loaded could possibly\nuse this to gain administrative privileges. (CVE-2019-18683)\n\nIt was discovered that the btrfs file system in the Linux kernel did\nnot properly validate metadata, leading to a NULL pointer dereference.\nAn attacker could use this to specially craft a file system image\nthat, when mounted, could cause a denial of service (system crash).\n(CVE-2019-18885)\n\nIt was discovered that multiple memory leaks existed in the Marvell\nWiFi-Ex Driver for the Linux kernel. A local attacker could possibly\nuse this to cause a denial of service (kernel memory exhaustion).\n(CVE-2019-19057)\n\nIt was discovered that the crypto subsystem in the Linux kernel did\nnot properly deallocate memory in certain error conditions. A local\nattacker could use this to cause a denial of service (kernel memory\nexhaustion). (CVE-2019-19062)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the\nLinux kernel did not properly deallocate memory in certain error\nconditions. A local attacker could possibly use this to cause a denial\nof service (kernel memory exhaustion). (CVE-2019-19063)\n\nDan Carpenter discovered that the AppleTalk networking subsystem of\nthe Linux kernel did not properly handle certain error conditions,\nleading to a NULL pointer dereference. A local attacker could use this\nto cause a denial of service (system crash). (CVE-2019-19227)\n\nIt was discovered that the KVM hypervisor implementation in the Linux\nkernel did not properly handle ioctl requests to get emulated CPUID\nfeatures. An attacker with access to /dev/kvm could use this to cause\na denial of service (system crash). (CVE-2019-19332)\n\nIt was discovered that the B2C2 FlexCop USB device driver in the Linux\nkernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2019-15291).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4254-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18683\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-14615\", \"CVE-2019-15291\", \"CVE-2019-18683\", \"CVE-2019-18885\", \"CVE-2019-19057\", \"CVE-2019-19062\", \"CVE-2019-19063\", \"CVE-2019-19227\", \"CVE-2019-19332\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4254-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1065-kvm\", pkgver:\"4.4.0-1065.72\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1101-aws\", pkgver:\"4.4.0-1101.112\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1128-raspi2\", pkgver:\"4.4.0-1128.137\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1132-snapdragon\", pkgver:\"4.4.0-1132.140\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-173-generic\", pkgver:\"4.4.0-173.203\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-173-generic-lpae\", pkgver:\"4.4.0-173.203\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-173-lowlatency\", pkgver:\"4.4.0-173.203\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws\", pkgver:\"4.4.0.1101.105\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic\", pkgver:\"4.4.0.173.181\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.4.0.173.181\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-kvm\", pkgver:\"4.4.0.1065.65\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.4.0.173.181\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.4.0.1128.128\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"4.4.0.1132.124\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-virtual\", pkgver:\"4.4.0.173.181\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-aws / linux-image-4.4-generic / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:56:39", "description": "It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that the HSA Linux kernel driver for AMD GPU devices did not properly check for errors in certain situations, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service. (CVE-2019-16229)\n\nIt was discovered that the Marvell 8xxx Libertas WLAN device driver in the Linux kernel did not properly check for errors in certain situations, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service. (CVE-2019-16232)\n\nIt was discovered that the Renesas Digital Radio Interface (DRIF) driver in the Linux kernel did not properly initialize data. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-18786).\n\nIt was discovered that the Afatech AF9005 DVB-T USB device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-18809)\n\nIt was discovered that multiple memory leaks existed in the Marvell WiFi-Ex Driver for the Linux kernel. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion).\n(CVE-2019-19057)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19063)\n\nIt was discovered that the Kvaser CAN/USB driver in the Linux kernel did not properly initialize memory in certain situations. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-19947)\n\nGao Chuan discovered that the SAS Class driver in the Linux kernel contained a race condition that could lead to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-19965)\n\nIt was discovered that the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-20096)\n\nMitchell Frank discovered that the Wi-Fi implementation in the Linux kernel when used as an access point would send IAPP location updates for stations before client authentication had completed. A physically proximate attacker could use this to cause a denial of service.\n(CVE-2019-5108)\n\nIt was discovered that a race condition can lead to a use-after-free while destroying GEM contexts in the i915 driver for the Linux kernel.\nA local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-7053).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-02-19T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4285-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14615", "CVE-2019-16229", "CVE-2019-16232", "CVE-2019-18786", "CVE-2019-18809", "CVE-2019-19057", "CVE-2019-19063", "CVE-2019-19947", "CVE-2019-19965", "CVE-2019-20096", "CVE-2019-5108", "CVE-2020-7053"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-5.0", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-4285-1.NASL", "href": "https://www.tenable.com/plugins/nessus/133798", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4285-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133798);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-14615\", \"CVE-2019-16229\", \"CVE-2019-16232\", \"CVE-2019-18786\", \"CVE-2019-18809\", \"CVE-2019-19057\", \"CVE-2019-19063\", \"CVE-2019-19947\", \"CVE-2019-19965\", \"CVE-2019-20096\", \"CVE-2019-5108\", \"CVE-2020-7053\");\n script_xref(name:\"USN\", value:\"4285-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4285-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that the HSA Linux kernel driver for AMD GPU devices\ndid not properly check for errors in certain situations, leading to a\nNULL pointer dereference. A local attacker could possibly use this to\ncause a denial of service. (CVE-2019-16229)\n\nIt was discovered that the Marvell 8xxx Libertas WLAN device driver in\nthe Linux kernel did not properly check for errors in certain\nsituations, leading to a NULL pointer dereference. A local attacker\ncould possibly use this to cause a denial of service. (CVE-2019-16232)\n\nIt was discovered that the Renesas Digital Radio Interface (DRIF)\ndriver in the Linux kernel did not properly initialize data. A local\nattacker could possibly use this to expose sensitive information\n(kernel memory). (CVE-2019-18786).\n\nIt was discovered that the Afatech AF9005 DVB-T USB device driver in\nthe Linux kernel did not properly deallocate memory in certain error\nconditions. A local attacker could possibly use this to cause a denial\nof service (kernel memory exhaustion). (CVE-2019-18809)\n\nIt was discovered that multiple memory leaks existed in the Marvell\nWiFi-Ex Driver for the Linux kernel. A local attacker could possibly\nuse this to cause a denial of service (kernel memory exhaustion).\n(CVE-2019-19057)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the\nLinux kernel did not properly deallocate memory in certain error\nconditions. A local attacker could possibly use this to cause a denial\nof service (kernel memory exhaustion). (CVE-2019-19063)\n\nIt was discovered that the Kvaser CAN/USB driver in the Linux kernel\ndid not properly initialize memory in certain situations. A local\nattacker could possibly use this to expose sensitive information\n(kernel memory). (CVE-2019-19947)\n\nGao Chuan discovered that the SAS Class driver in the Linux kernel\ncontained a race condition that could lead to a NULL pointer\ndereference. A local attacker could possibly use this to cause a\ndenial of service (system crash). (CVE-2019-19965)\n\nIt was discovered that the Datagram Congestion Control Protocol (DCCP)\nimplementation in the Linux kernel did not properly deallocate memory\nin certain error conditions. An attacker could possibly use this to\ncause a denial of service (kernel memory exhaustion). (CVE-2019-20096)\n\nMitchell Frank discovered that the Wi-Fi implementation in the Linux\nkernel when used as an access point would send IAPP location updates\nfor stations before client authentication had completed. A physically\nproximate attacker could use this to cause a denial of service.\n(CVE-2019-5108)\n\nIt was discovered that a race condition can lead to a use-after-free\nwhile destroying GEM contexts in the i915 driver for the Linux kernel.\nA local attacker could use this to cause a denial of service (system\ncrash) or possibly execute arbitrary code. (CVE-2020-7053).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4285-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-7053\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-14615\", \"CVE-2019-16229\", \"CVE-2019-16232\", \"CVE-2019-18786\", \"CVE-2019-18809\", \"CVE-2019-19057\", \"CVE-2019-19063\", \"CVE-2019-19947\", \"CVE-2019-19965\", \"CVE-2019-20096\", \"CVE-2019-5108\", \"CVE-2020-7053\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4285-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1011-oracle\", pkgver:\"5.0.0-1011.16\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1025-aws\", pkgver:\"5.0.0-1025.28\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1030-gke\", pkgver:\"5.0.0-1030.31\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1031-gcp\", pkgver:\"5.0.0-1031.32\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1032-azure\", pkgver:\"5.0.0-1032.34\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-azure\", pkgver:\"5.0.0.1032.43\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gcp\", pkgver:\"5.0.0.1031.35\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gke-5.0\", pkgver:\"5.0.0.1030.18\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-5.0-aws / linux-image-5.0-azure / linux-image-5.0-gcp / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:55:15", "description": "It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15099)\n\nIt was discovered that a race condition existed in the Virtual Video Test Driver in the Linux kernel. An attacker with write access to /dev/video0 on a system with the vivid module loaded could possibly use this to gain administrative privileges. (CVE-2019-18683)\n\nIt was discovered that the btrfs file system in the Linux kernel did not properly validate metadata, leading to a NULL pointer dereference.\nAn attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash).\n(CVE-2019-18885)\n\nIt was discovered that the crypto subsystem in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19050, CVE-2019-19062)\n\nIt was discovered that the RSI 91x WLAN device driver in the Linux kernel did not properly deallocate memory in certain error conditions.\nA local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19071)\n\nIt was discovered that the Broadcom Netxtreme HCA device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19077)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19078)\n\nIt was discovered that the Qualcomm IPC Router TUN device driver in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19079)\n\nIt was discovered that the AMD GPU device drivers in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to possibly cause a denial of service (kernel memory exhaustion). (CVE-2019-19082)\n\nDan Carpenter discovered that the AppleTalk networking subsystem of the Linux kernel did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-19227)\n\nOr Cohen discovered that the virtual console subsystem in the Linux kernel did not properly restrict writes to unimplemented vcsu (unicode) devices. A local attacker could possibly use this to cause a denial of service (system crash) or have other unspecified impacts.\n(CVE-2019-19252)\n\nIt was discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle ioctl requests to get emulated CPUID features. An attacker with access to /dev/kvm could use this to cause a denial of service (system crash). (CVE-2019-19332)\n\nIt was discovered that the ext4 file system implementation in the Linux kernel did not properly handle certain conditions. An attacker could use this to specially craft an ext4 file system that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19767)\n\nIt was discovered that the B2C2 FlexCop USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15291).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-01-30T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4258-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15099", "CVE-2019-15291", "CVE-2019-18683", "CVE-2019-18885", "CVE-2019-19050", "CVE-2019-19062", "CVE-2019-19071", "CVE-2019-19077", "CVE-2019-19078", "CVE-2019-19079", "CVE-2019-19082", "CVE-2019-19227", "CVE-2019-19252", "CVE-2019-19332", "CVE-2019-19767"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-5.0", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-edge", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-4258-1.NASL", "href": "https://www.tenable.com/plugins/nessus/133354", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4258-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133354);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-15099\", \"CVE-2019-15291\", \"CVE-2019-18683\", \"CVE-2019-18885\", \"CVE-2019-19050\", \"CVE-2019-19062\", \"CVE-2019-19071\", \"CVE-2019-19077\", \"CVE-2019-19078\", \"CVE-2019-19079\", \"CVE-2019-19082\", \"CVE-2019-19227\", \"CVE-2019-19252\", \"CVE-2019-19332\", \"CVE-2019-19767\");\n script_xref(name:\"USN\", value:\"4258-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4258-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that the Atheros 802.11ac wireless USB device driver\nin the Linux kernel did not properly validate device metadata. A\nphysically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-15099)\n\nIt was discovered that a race condition existed in the Virtual Video\nTest Driver in the Linux kernel. An attacker with write access to\n/dev/video0 on a system with the vivid module loaded could possibly\nuse this to gain administrative privileges. (CVE-2019-18683)\n\nIt was discovered that the btrfs file system in the Linux kernel did\nnot properly validate metadata, leading to a NULL pointer dereference.\nAn attacker could use this to specially craft a file system image\nthat, when mounted, could cause a denial of service (system crash).\n(CVE-2019-18885)\n\nIt was discovered that the crypto subsystem in the Linux kernel did\nnot properly deallocate memory in certain error conditions. A local\nattacker could use this to cause a denial of service (kernel memory\nexhaustion). (CVE-2019-19050, CVE-2019-19062)\n\nIt was discovered that the RSI 91x WLAN device driver in the Linux\nkernel did not properly deallocate memory in certain error conditions.\nA local attacker could use this to cause a denial of service (kernel\nmemory exhaustion). (CVE-2019-19071)\n\nIt was discovered that the Broadcom Netxtreme HCA device driver in the\nLinux kernel did not properly deallocate memory in certain error\nconditions. A local attacker could possibly use this to cause a denial\nof service (kernel memory exhaustion). (CVE-2019-19077)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver\nin the Linux kernel did not properly deallocate memory in certain\nerror conditions. A local attacker could possibly use this to cause a\ndenial of service (kernel memory exhaustion). (CVE-2019-19078)\n\nIt was discovered that the Qualcomm IPC Router TUN device driver in\nthe Linux kernel did not properly deallocate memory in certain\nsituations. A local attacker could possibly use this to cause a denial\nof service (kernel memory exhaustion). (CVE-2019-19079)\n\nIt was discovered that the AMD GPU device drivers in the Linux kernel\ndid not properly deallocate memory in certain error conditions. A\nlocal attacker could use this to possibly cause a denial of service\n(kernel memory exhaustion). (CVE-2019-19082)\n\nDan Carpenter discovered that the AppleTalk networking subsystem of\nthe Linux kernel did not properly handle certain error conditions,\nleading to a NULL pointer dereference. A local attacker could use this\nto cause a denial of service (system crash). (CVE-2019-19227)\n\nOr Cohen discovered that the virtual console subsystem in the Linux\nkernel did not properly restrict writes to unimplemented vcsu\n(unicode) devices. A local attacker could possibly use this to cause a\ndenial of service (system crash) or have other unspecified impacts.\n(CVE-2019-19252)\n\nIt was discovered that the KVM hypervisor implementation in the Linux\nkernel did not properly handle ioctl requests to get emulated CPUID\nfeatures. An attacker with access to /dev/kvm could use this to cause\na denial of service (system crash). (CVE-2019-19332)\n\nIt was discovered that the ext4 file system implementation in the\nLinux kernel did not properly handle certain conditions. An attacker\ncould use this to specially craft an ext4 file system that, when\nmounted, could cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2019-19767)\n\nIt was discovered that the B2C2 FlexCop USB device driver in the Linux\nkernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2019-15291).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4258-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18683\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-15099\", \"CVE-2019-15291\", \"CVE-2019-18683\", \"CVE-2019-18885\", \"CVE-2019-19050\", \"CVE-2019-19062\", \"CVE-2019-19071\", \"CVE-2019-19077\", \"CVE-2019-19078\", \"CVE-2019-19079\", \"CVE-2019-19082\", \"CVE-2019-19227\", \"CVE-2019-19252\", \"CVE-2019-19332\", \"CVE-2019-19767\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4258-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1010-oracle\", pkgver:\"5.0.0-1010.15~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1024-aws\", pkgver:\"5.0.0-1024.27~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1029-gcp\", pkgver:\"5.0.0-1029.30~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1029-gke\", pkgver:\"5.0.0-1029.30~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-aws-edge\", pkgver:\"5.0.0.1024.38\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gcp\", pkgver:\"5.0.0.1029.33\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gke-5.0\", pkgver:\"5.0.0.1029.17\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-oracle-edge\", pkgver:\"5.0.0.1010.9\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-5.0-aws / linux-image-5.0-gcp / linux-image-5.0-gke / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:56:54", "description": "It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15099)\n\nIt was discovered that the HSA Linux kernel driver for AMD GPU devices did not properly check for errors in certain situations, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service. (CVE-2019-16229)\n\nIt was discovered that the Marvell 8xxx Libertas WLAN device driver in the Linux kernel did not properly check for errors in certain situations, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service. (CVE-2019-16232)\n\nIt was discovered that a race condition existed in the Virtual Video Test Driver in the Linux kernel. An attacker with write access to /dev/video0 on a system with the vivid module loaded could possibly use this to gain administrative privileges. (CVE-2019-18683)\n\nIt was discovered that the Renesas Digital Radio Interface (DRIF) driver in the Linux kernel did not properly initialize data. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-18786)\n\nIt was discovered that the Sound Open Firmware (SOF) driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-18811)\n\nIt was discovered that the crypto subsystem in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19050, CVE-2019-19062)\n\nIt was discovered that multiple memory leaks existed in the Marvell WiFi-Ex Driver for the Linux kernel. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion).\n(CVE-2019-19057)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19063)\n\nIt was discovered that the RSI 91x WLAN device driver in the Linux kernel did not properly deallocate memory in certain error conditions.\nA local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19071)\n\nIt was discovered that the Broadcom Netxtreme HCA device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19077)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19078)\n\nIt was discovered that the AMD GPU device drivers in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to possibly cause a denial of service (kernel memory exhaustion). (CVE-2019-19082)\n\nIt was discovered that the IO uring implementation in the Linux kernel did not properly perform credentials checks in certain situations. A local attacker could possibly use this to gain administrative privileges. (CVE-2019-19241)\n\nOr Cohen discovered that the virtual console subsystem in the Linux kernel did not properly restrict writes to unimplemented vcsu (unicode) devices. A local attacker could possibly use this to cause a denial of service (system crash) or have other unspecified impacts.\n(CVE-2019-19252)\n\nIt was discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle ioctl requests to get emulated CPUID features. An attacker with access to /dev/kvm could use this to cause a denial of service (system crash). (CVE-2019-19332)\n\nIt was discovered that a race condition existed in the Linux kernel on x86 platforms when keeping track of which process was assigned control of the FPU. A local attacker could use this to cause a denial of service (memory corruption) or possibly gain administrative privileges. (CVE-2019-19602)\n\nIt was discovered that the ext4 file system implementation in the Linux kernel did not properly handle certain conditions. An attacker could use this to specially craft an ext4 file system that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19767)\n\nIt was discovered that the Kvaser CAN/USB driver in the Linux kernel did not properly initialize memory in certain situations. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-19947)\n\nGao Chuan discovered that the SAS Class driver in the Linux kernel contained a race condition that could lead to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-19965)\n\nIt was discovered that the B2C2 FlexCop USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15291).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-02-19T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 19.10 : Linux kernel vulnerabilities (USN-4284-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14615", "CVE-2019-15099", "CVE-2019-15291", "CVE-2019-16229", "CVE-2019-16232", "CVE-2019-18683", "CVE-2019-18786", "CVE-2019-18811", "CVE-2019-19050", "CVE-2019-19057", "CVE-2019-19062", "CVE-2019-19063", "CVE-2019-19071", "CVE-2019-19077", "CVE-2019-19078", "CVE-2019-19082", "CVE-2019-19241", "CVE-2019-19252", "CVE-2019-19332", "CVE-2019-19602", "CVE-2019-19767", "CVE-2019-19947", "CVE-2019-19965"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.10"], "id": "UBUNTU_USN-4284-1.NASL", "href": "https://www.tenable.com/plugins/nessus/133797", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4284-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133797);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-14615\", \"CVE-2019-15099\", \"CVE-2019-15291\", \"CVE-2019-16229\", \"CVE-2019-16232\", \"CVE-2019-18683\", \"CVE-2019-18786\", \"CVE-2019-18811\", \"CVE-2019-19050\", \"CVE-2019-19057\", \"CVE-2019-19062\", \"CVE-2019-19063\", \"CVE-2019-19071\", \"CVE-2019-19077\", \"CVE-2019-19078\", \"CVE-2019-19082\", \"CVE-2019-19241\", \"CVE-2019-19252\", \"CVE-2019-19332\", \"CVE-2019-19602\", \"CVE-2019-19767\", \"CVE-2019-19947\", \"CVE-2019-19965\");\n script_xref(name:\"USN\", value:\"4284-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 19.10 : Linux kernel vulnerabilities (USN-4284-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver\nin the Linux kernel did not properly validate device metadata. A\nphysically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-15099)\n\nIt was discovered that the HSA Linux kernel driver for AMD GPU devices\ndid not properly check for errors in certain situations, leading to a\nNULL pointer dereference. A local attacker could possibly use this to\ncause a denial of service. (CVE-2019-16229)\n\nIt was discovered that the Marvell 8xxx Libertas WLAN device driver in\nthe Linux kernel did not properly check for errors in certain\nsituations, leading to a NULL pointer dereference. A local attacker\ncould possibly use this to cause a denial of service. (CVE-2019-16232)\n\nIt was discovered that a race condition existed in the Virtual Video\nTest Driver in the Linux kernel. An attacker with write access to\n/dev/video0 on a system with the vivid module loaded could possibly\nuse this to gain administrative privileges. (CVE-2019-18683)\n\nIt was discovered that the Renesas Digital Radio Interface (DRIF)\ndriver in the Linux kernel did not properly initialize data. A local\nattacker could possibly use this to expose sensitive information\n(kernel memory). (CVE-2019-18786)\n\nIt was discovered that the Sound Open Firmware (SOF) driver in the\nLinux kernel did not properly deallocate memory in certain error\nconditions. A local attacker could use this to cause a denial of\nservice (kernel memory exhaustion). (CVE-2019-18811)\n\nIt was discovered that the crypto subsystem in the Linux kernel did\nnot properly deallocate memory in certain error conditions. A local\nattacker could use this to cause a denial of service (kernel memory\nexhaustion). (CVE-2019-19050, CVE-2019-19062)\n\nIt was discovered that multiple memory leaks existed in the Marvell\nWiFi-Ex Driver for the Linux kernel. A local attacker could possibly\nuse this to cause a denial of service (kernel memory exhaustion).\n(CVE-2019-19057)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the\nLinux kernel did not properly deallocate memory in certain error\nconditions. A local attacker could possibly use this to cause a denial\nof service (kernel memory exhaustion). (CVE-2019-19063)\n\nIt was discovered that the RSI 91x WLAN device driver in the Linux\nkernel did not properly deallocate memory in certain error conditions.\nA local attacker could use this to cause a denial of service (kernel\nmemory exhaustion). (CVE-2019-19071)\n\nIt was discovered that the Broadcom Netxtreme HCA device driver in the\nLinux kernel did not properly deallocate memory in certain error\nconditions. A local attacker could possibly use this to cause a denial\nof service (kernel memory exhaustion). (CVE-2019-19077)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver\nin the Linux kernel did not properly deallocate memory in certain\nerror conditions. A local attacker could possibly use this to cause a\ndenial of service (kernel memory exhaustion). (CVE-2019-19078)\n\nIt was discovered that the AMD GPU device drivers in the Linux kernel\ndid not properly deallocate memory in certain error conditions. A\nlocal attacker could use this to possibly cause a denial of service\n(kernel memory exhaustion). (CVE-2019-19082)\n\nIt was discovered that the IO uring implementation in the Linux kernel\ndid not properly perform credentials checks in certain situations. A\nlocal attacker could possibly use this to gain administrative\nprivileges. (CVE-2019-19241)\n\nOr Cohen discovered that the virtual console subsystem in the Linux\nkernel did not properly restrict writes to unimplemented vcsu\n(unicode) devices. A local attacker could possibly use this to cause a\ndenial of service (system crash) or have other unspecified impacts.\n(CVE-2019-19252)\n\nIt was discovered that the KVM hypervisor implementation in the Linux\nkernel did not properly handle ioctl requests to get emulated CPUID\nfeatures. An attacker with access to /dev/kvm could use this to cause\na denial of service (system crash). (CVE-2019-19332)\n\nIt was discovered that a race condition existed in the Linux kernel on\nx86 platforms when keeping track of which process was assigned control\nof the FPU. A local attacker could use this to cause a denial of\nservice (memory corruption) or possibly gain administrative\nprivileges. (CVE-2019-19602)\n\nIt was discovered that the ext4 file system implementation in the\nLinux kernel did not properly handle certain conditions. An attacker\ncould use this to specially craft an ext4 file system that, when\nmounted, could cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2019-19767)\n\nIt was discovered that the Kvaser CAN/USB driver in the Linux kernel\ndid not properly initialize memory in certain situations. A local\nattacker could possibly use this to expose sensitive information\n(kernel memory). (CVE-2019-19947)\n\nGao Chuan discovered that the SAS Class driver in the Linux kernel\ncontained a race condition that could lead to a NULL pointer\ndereference. A local attacker could possibly use this to cause a\ndenial of service (system crash). (CVE-2019-19965)\n\nIt was discovered that the B2C2 FlexCop USB device driver in the Linux\nkernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2019-15291).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4284-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18683\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|19\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.04 / 19.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-14615\", \"CVE-2019-15099\", \"CVE-2019-15291\", \"CVE-2019-16229\", \"CVE-2019-16232\", \"CVE-2019-18683\", \"CVE-2019-18786\", \"CVE-2019-18811\", \"CVE-2019-19050\", \"CVE-2019-19057\", \"CVE-2019-19062\", \"CVE-2019-19063\", \"CVE-2019-19071\", \"CVE-2019-19077\", \"CVE-2019-19078\", \"CVE-2019-19082\", \"CVE-2019-19241\", \"CVE-2019-19252\", \"CVE-2019-19332\", \"CVE-2019-19602\", \"CVE-2019-19767\", \"CVE-2019-19947\", \"CVE-2019-19965\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4284-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.3.0-1012-gcp\", pkgver:\"5.3.0-1012.13~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.3.0-1013-azure\", pkgver:\"5.3.0-1013.14~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.3.0-1018-raspi2\", pkgver:\"5.3.0-1018.20~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.3.0-40-generic\", pkgver:\"5.3.0-40.32~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.3.0-40-generic-lpae\", pkgver:\"5.3.0-40.32~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.3.0-40-lowlatency\", pkgver:\"5.3.0-40.32~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-azure-edge\", pkgver:\"5.3.0.1013.13\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gcp-edge\", pkgver:\"5.3.0.1012.11\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-hwe-18.04\", pkgver:\"5.3.0.40.97\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-lpae-hwe-18.04\", pkgver:\"5.3.0.40.97\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-lowlatency-hwe-18.04\", pkgver:\"5.3.0.40.97\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-raspi2-hwe-18.04\", pkgver:\"5.3.0.1018.7\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-snapdragon-hwe-18.04\", pkgver:\"5.3.0.40.97\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-virtual-hwe-18.04\", pkgver:\"5.3.0.40.97\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-5.3.0-1009-oracle\", pkgver:\"5.3.0-1009.10\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-5.3.0-1010-kvm\", pkgver:\"5.3.0-1010.11\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-5.3.0-1011-aws\", pkgver:\"5.3.0-1011.12\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-5.3.0-1012-gcp\", pkgver:\"5.3.0-1012.13\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-5.3.0-1013-azure\", pkgver:\"5.3.0-1013.14\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-5.3.0-1018-raspi2\", pkgver:\"5.3.0-1018.20\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-5.3.0-40-generic\", pkgver:\"5.3.0-40.32\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-5.3.0-40-generic-lpae\", pkgver:\"5.3.0-40.32\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-5.3.0-40-lowlatency\", pkgver:\"5.3.0-40.32\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-5.3.0-40-snapdragon\", pkgver:\"5.3.0-40.32\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-aws\", pkgver:\"5.3.0.1011.13\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-azure\", pkgver:\"5.3.0.1013.31\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-gcp\", pkgver:\"5.3.0.1012.13\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-generic\", pkgver:\"5.3.0.40.34\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-generic-lpae\", pkgver:\"5.3.0.40.34\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-gke\", pkgver:\"5.3.0.1012.13\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-kvm\", pkgver:\"5.3.0.1010.12\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-lowlatency\", pkgver:\"5.3.0.40.34\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-oracle\", pkgver:\"5.3.0.1009.10\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-raspi2\", pkgver:\"5.3.0.1018.15\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-snapdragon\", pkgver:\"5.3.0.40.34\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-virtual\", pkgver:\"5.3.0.40.34\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-5.3-aws / linux-image-5.3-azure / linux-image-5.3-gcp / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:02:03", "description": "New kernel packages are available for Slackware 14.2 to fix security issues.", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "nessus", "title": "Slackware 14.2 : Slackware 14.2 kernel (SSA:2020-008-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12614", "CVE-2019-15291", "CVE-2019-15917", "CVE-2019-18660", "CVE-2019-18683", "CVE-2019-19057", "CVE-2019-19062", "CVE-2019-19063", "CVE-2019-19227", "CVE-2019-19332", "CVE-2019-19338", "CVE-2019-19524"], "modified": "2020-02-28T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:kernel-generic", "p-cpe:/a:slackware:slackware_linux:kernel-generic-smp", "p-cpe:/a:slackware:slackware_linux:kernel-headers", "p-cpe:/a:slackware:slackware_linux:kernel-huge", "p-cpe:/a:slackware:slackware_linux:kernel-huge-smp", "p-cpe:/a:slackware:slackware_linux:kernel-modules", "p-cpe:/a:slackware:slackware_linux:kernel-modules-smp", "p-cpe:/a:slackware:slackware_linux:kernel-source", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2020-008-01.NASL", "href": "https://www.tenable.com/plugins/nessus/132741", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2020-008-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132741);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/28\");\n\n script_cve_id(\"CVE-2019-12614\", \"CVE-2019-15291\", \"CVE-2019-15917\", \"CVE-2019-18660\", \"CVE-2019-18683\", \"CVE-2019-19057\", \"CVE-2019-19062\", \"CVE-2019-19063\", \"CVE-2019-19227\", \"CVE-2019-19332\", \"CVE-2019-19338\", \"CVE-2019-19524\");\n script_xref(name:\"SSA\", value:\"2020-008-01\");\n\n script_name(english:\"Slackware 14.2 : Slackware 14.2 kernel (SSA:2020-008-01)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New kernel packages are available for Slackware 14.2 to fix security\nissues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2020&m=slackware-security.705204\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?771b541a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18683\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-generic\", pkgver:\"4.4.208\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-generic-smp\", pkgver:\"4.4.208_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-headers\", pkgver:\"4.4.208_smp\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-huge\", pkgver:\"4.4.208\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-huge-smp\", pkgver:\"4.4.208_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-modules\", pkgver:\"4.4.208\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-modules-smp\", pkgver:\"4.4.208_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-source\", pkgver:\"4.4.208_smp\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-generic\", pkgver:\"4.4.208\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-headers\", pkgver:\"4.4.208\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-huge\", pkgver:\"4.4.208\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-modules\", pkgver:\"4.4.208\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-source\", pkgver:\"4.4.208\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:02:28", "description": "A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.\n(CVE-2019-19062)\n\nAn out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service. (CVE-2019-19332)", "cvss3": {}, "published": "2020-02-10T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALAS-2020-1392)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19062", "CVE-2019-19332"], "modified": "2020-02-12T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-livepatch-4.14.165-131.185", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2020-1392.NASL", "href": "https://www.tenable.com/plugins/nessus/133556", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2020-1392.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133556);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/02/12\");\n\n script_cve_id(\"CVE-2019-19062\", \"CVE-2019-19332\");\n script_xref(name:\"ALAS\", value:\"2020-1392\");\n\n script_name(english:\"Amazon Linux 2 : kernel (ALAS-2020-1392)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A memory leak in the crypto_report() function in\ncrypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows\nattackers to cause a denial of service (memory consumption) by\ntriggering crypto_report_alg() failures, aka CID-ffdde5932042.\n(CVE-2019-19062)\n\nAn out-of-bounds memory write issue was found in the Linux Kernel,\nversion 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor\nhandled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID\nfeatures emulated by the KVM hypervisor. A user or process able to\naccess the '/dev/kvm' device could use this flaw to crash the system,\nresulting in a denial of service. (CVE-2019-19332)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2020-1392.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update kernel' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19332\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-livepatch-4.14.165-131.185\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-4.14.165-131.185.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-4.14.165-131.185.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.14.165-131.185.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-devel-4.14.165-131.185.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"kernel-headers-4.14.165-131.185.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-livepatch-4.14.165-131.185-1.0-0.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-4.14.165-131.185.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-4.14.165-131.185.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-devel-4.14.165-131.185.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"perf-4.14.165-131.185.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"perf-debuginfo-4.14.165-131.185.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"python-perf-4.14.165-131.185.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-4.14.165-131.185.amzn2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-x86_64 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:55:54", "description": "A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.\n(CVE-2019-19062)\n\nAn out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service. (CVE-2019-19332 )", "cvss3": {}, "published": "2020-02-10T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2020-1338)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19062", "CVE-2019-19332"], "modified": "2020-02-12T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2020-1338.NASL", "href": "https://www.tenable.com/plugins/nessus/133557", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2020-1338.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133557);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/02/12\");\n\n script_cve_id(\"CVE-2019-19062\", \"CVE-2019-19332\");\n script_xref(name:\"ALAS\", value:\"2020-1338\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2020-1338)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A memory leak in the crypto_report() function in\ncrypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows\nattackers to cause a denial of service (memory consumption) by\ntriggering crypto_report_alg() failures, aka CID-ffdde5932042.\n(CVE-2019-19062)\n\nAn out-of-bounds memory write issue was found in the Linux Kernel,\nversion 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor\nhandled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID\nfeatures emulated by the KVM hypervisor. A user or process able to\naccess the '/dev/kvm' device could use this flaw to crash the system,\nresulting in a denial of service. (CVE-2019-19332 )\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2020-1338.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update kernel' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19332\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-4.14.165-102.185.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-4.14.165-102.185.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-4.14.165-102.185.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.14.165-102.185.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-4.14.165-102.185.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-4.14.165-102.185.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-4.14.165-102.185.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-debuginfo-4.14.165-102.185.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-devel-4.14.165-102.185.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-4.14.165-102.185.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-4.14.165-102.185.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:55:34", "description": "USN-4255-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS.\n\nIt was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that a race condition can lead to a use-after-free while destroying GEM contexts in the i915 driver for the Linux kernel.\nA local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-7053).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-01-30T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-4255-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14615", "CVE-2020-7053"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-4255-2.NASL", "href": "https://www.tenable.com/plugins/nessus/133351", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4255-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133351);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-14615\", \"CVE-2020-7053\");\n script_xref(name:\"USN\", value:\"4255-2\");\n\n script_name(english:\"Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-4255-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-4255-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu\n16.04 LTS.\n\nIt was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that a race condition can lead to a use-after-free\nwhile destroying GEM contexts in the i915 driver for the Linux kernel.\nA local attacker could use this to cause a denial of service (system\ncrash) or possibly execute arbitrary code. (CVE-2020-7053).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4255-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-14615\", \"CVE-2020-7053\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4255-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-1058-aws\", pkgver:\"4.15.0-1058.60~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-76-generic\", pkgver:\"4.15.0-76.86~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-76-generic-lpae\", pkgver:\"4.15.0-76.86~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-76-lowlatency\", pkgver:\"4.15.0-76.86~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws-hwe\", pkgver:\"4.15.0.1058.58\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-hwe-16.04\", pkgver:\"4.15.0.76.96\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae-hwe-16.04\", pkgver:\"4.15.0.76.96\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency-hwe-16.04\", pkgver:\"4.15.0.76.96\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-oem\", pkgver:\"4.15.0.76.96\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-virtual-hwe-16.04\", pkgver:\"4.15.0.76.96\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.15-aws / linux-image-4.15-generic / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:55:40", "description": "It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that a race condition can lead to a use-after-free while destroying GEM contexts in the i915 driver for the Linux kernel.\nA local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-7053).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-01-28T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4255-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14615", "CVE-2020-7053"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-4255-1.NASL", "href": "https://www.tenable.com/plugins/nessus/133294", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4255-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133294);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-14615\", \"CVE-2020-7053\");\n script_xref(name:\"USN\", value:\"4255-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4255-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that a race condition can lead to a use-after-free\nwhile destroying GEM contexts in the i915 driver for the Linux kernel.\nA local attacker could use this to cause a denial of service (system\ncrash) or possibly execute arbitrary code. (CVE-2020-7053).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4255-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-14615\", \"CVE-2020-7053\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4255-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1058-aws\", pkgver:\"4.15.0-1058.60\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1067-oem\", pkgver:\"4.15.0-1067.77\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-76-generic\", pkgver:\"4.15.0-76.86\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-76-generic-lpae\", pkgver:\"4.15.0-76.86\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-76-lowlatency\", pkgver:\"4.15.0-76.86\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-aws\", pkgver:\"4.15.0.1058.59\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-aws-lts-18.04\", pkgver:\"4.15.0.1058.59\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic\", pkgver:\"4.15.0.76.78\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.15.0.76.78\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.15.0.76.78\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-oem\", pkgver:\"4.15.0.1067.71\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-virtual\", pkgver:\"4.15.0.76.78\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.15-aws / linux-image-4.15-generic / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:57:41", "description": "The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5569 advisory.\n\n - A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14895)\n\n - A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system. (CVE-2019-14901)\n\n - An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.\n (CVE-2019-15291)\n\n - Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.\n (CVE-2019-14615)\n\n - In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is related to i915_gem_context_destroy_ioctl in drivers/gpu/drm/i915/i915_gem_context.c. (CVE-2020-7053)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-03-18T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2020-5569)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14615", "CVE-2019-14895", "CVE-2019-14901", "CVE-2019-15291", "CVE-2020-7053"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-headers", "p-cpe:/a:oracle:linux:kernel-uek-tools", "p-cpe:/a:oracle:linux:kernel-uek-tools-libs", "p-cpe:/a:oracle:linux:kernel-uek-tools-libs-devel", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2020-5569.NASL", "href": "https://www.tenable.com/plugins/nessus/134645", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-5569.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134645);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\n \"CVE-2019-14615\",\n \"CVE-2019-14895\",\n \"CVE-2019-14901\",\n \"CVE-2019-15291\",\n \"CVE-2020-7053\"\n );\n\n script_name(english:\"Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2020-5569)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2020-5569 advisory.\n\n - A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before\n 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection\n negotiation during the handling of the remote devices country settings. This could allow the remote device\n to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14895)\n\n - A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell\n WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a\n denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the\n availability of the system. If code execution occurs, the code will run with the permissions of root. This\n will affect both confidentiality and integrity of files on the system. (CVE-2019-14901)\n\n - An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a\n malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.\n (CVE-2019-15291)\n\n - Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor\n Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.\n (CVE-2019-14615)\n\n - In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2),\n there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c,\n aka CID-7dc40713618c. This is related to i915_gem_context_destroy_ioctl in\n drivers/gpu/drm/i915/i915_gem_context.c. (CVE-2020-7053)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-5569.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14901\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.14.35-1902.11.3.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2020-5569');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.14';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-4.14.35-1902.11.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.14.35'},\n {'reference':'kernel-uek-4.14.35-1902.11.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.14.35'},\n {'reference':'kernel-uek-debug-4.14.35-1902.11.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.14.35'},\n {'reference':'kernel-uek-debug-4.14.35-1902.11.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.14.35'},\n {'reference':'kernel-uek-debug-devel-4.14.35-1902.11.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.14.35'},\n {'reference':'kernel-uek-debug-devel-4.14.35-1902.11.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.14.35'},\n {'reference':'kernel-uek-devel-4.14.35-1902.11.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.14.35'},\n {'reference':'kernel-uek-devel-4.14.35-1902.11.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.14.35'},\n {'reference':'kernel-uek-doc-4.14.35-1902.11.3.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.14.35'},\n {'reference':'kernel-uek-headers-4.14.35-1902.11.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-headers-4.14.35'},\n {'reference':'kernel-uek-tools-4.14.35-1902.11.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-4.14.35'},\n {'reference':'kernel-uek-tools-4.14.35-1902.11.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-4.14.35'},\n {'reference':'kernel-uek-tools-libs-4.14.35-1902.11.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-libs-4.14.35'},\n {'reference':'kernel-uek-tools-libs-devel-4.14.35-1902.11.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-libs-devel-4.14.35'},\n {'reference':'perf-4.14.35-1902.11.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-4.14.35-1902.11.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:56:17", "description": "It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that a race condition existed in the Softmac USB Prism54 device driver in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash).\n(CVE-2019-15220)\n\nJulien Grall discovered that the Xen balloon memory driver in the Linux kernel did not properly restrict the amount of memory set aside for page mappings in some situations. An attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-17351)\n\nIt was discovered that the Intel WiMAX 2400 driver in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19051)\n\nIt was discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly deallocate memory in certain error conditions.\nA local attacker could use this to possibly cause a denial of service (kernel memory exhaustion). (CVE-2019-19056)\n\nIt was discovered that the Brocade BFA Fibre Channel device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19066)\n\nIt was discovered that the Realtek RTL8xxx USB Wi-Fi device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19068)\n\nGao Chuan discovered that the SAS Class driver in the Linux kernel contained a race condition that could lead to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-19965)\n\nIt was discovered that the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel did not properly deallocate memory in certain error conditions. An attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-20096)\n\nMitchell Frank discovered that the Wi-Fi implementation in the Linux kernel when used as an access point would send IAPP location updates for stations before client authentication had completed. A physically proximate attacker could use this to cause a denial of service.\n(CVE-2019-5108)\n\nIt was discovered that ZR364XX Camera USB device driver for the Linux kernel did not properly initialize memory. A physically proximate attacker could use this to cause a denial of service (system crash).\n(CVE-2019-15217)\n\nIt was discovered that the Line 6 POD USB device driver in the Linux kernel did not properly validate data size information from the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15221).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-02-19T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4286-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14615", "CVE-2019-15217", "CVE-2019-15220", "CVE-2019-15221", "CVE-2019-17351", "CVE-2019-19051", "CVE-2019-19056", "CVE-2019-19066", "CVE-2019-19068", "CVE-2019-19965", "CVE-2019-20096", "CVE-2019-5108"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-4286-1.NASL", "href": "https://www.tenable.com/plugins/nessus/133799", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4286-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133799);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-14615\", \"CVE-2019-15217\", \"CVE-2019-15220\", \"CVE-2019-15221\", \"CVE-2019-17351\", \"CVE-2019-19051\", \"CVE-2019-19056\", \"CVE-2019-19066\", \"CVE-2019-19068\", \"CVE-2019-19965\", \"CVE-2019-20096\", \"CVE-2019-5108\");\n script_xref(name:\"USN\", value:\"4286-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4286-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that a race condition existed in the Softmac USB\nPrism54 device driver in the Linux kernel. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2019-15220)\n\nJulien Grall discovered that the Xen balloon memory driver in the\nLinux kernel did not properly restrict the amount of memory set aside\nfor page mappings in some situations. An attacker could use this to\ncause a denial of service (kernel memory exhaustion). (CVE-2019-17351)\n\nIt was discovered that the Intel WiMAX 2400 driver in the Linux kernel\ndid not properly deallocate memory in certain situations. A local\nattacker could use this to cause a denial of service (kernel memory\nexhaustion). (CVE-2019-19051)\n\nIt was discovered that the Marvell Wi-Fi device driver in the Linux\nkernel did not properly deallocate memory in certain error conditions.\nA local attacker could use this to possibly cause a denial of service\n(kernel memory exhaustion). (CVE-2019-19056)\n\nIt was discovered that the Brocade BFA Fibre Channel device driver in\nthe Linux kernel did not properly deallocate memory in certain error\nconditions. A local attacker could possibly use this to cause a denial\nof service (kernel memory exhaustion). (CVE-2019-19066)\n\nIt was discovered that the Realtek RTL8xxx USB Wi-Fi device driver in\nthe Linux kernel did not properly deallocate memory in certain error\nconditions. A local attacker could possibly use this to cause a denial\nof service (kernel memory exhaustion). (CVE-2019-19068)\n\nGao Chuan discovered that the SAS Class driver in the Linux kernel\ncontained a race condition that could lead to a NULL pointer\ndereference. A local attacker could possibly use this to cause a\ndenial of service (system crash). (CVE-2019-19965)\n\nIt was discovered that the Datagram Congestion Control Protocol (DCCP)\nimplementation in the Linux kernel did not properly deallocate memory\nin certain error conditions. An attacker could possibly use this to\ncause a denial of service (kernel memory exhaustion). (CVE-2019-20096)\n\nMitchell Frank discovered that the Wi-Fi implementation in the Linux\nkernel when used as an access point would send IAPP location updates\nfor stations before client authentication had completed. A physically\nproximate attacker could use this to cause a denial of service.\n(CVE-2019-5108)\n\nIt was discovered that ZR364XX Camera USB device driver for the Linux\nkernel did not properly initialize memory. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2019-15217)\n\nIt was discovered that the Line 6 POD USB device driver in the Linux\nkernel did not properly validate data size information from the\ndevice. A physically proximate attacker could use this to cause a\ndenial of service (system crash). (CVE-2019-15221).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4286-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14615\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-14615\", \"CVE-2019-15217\", \"CVE-2019-15220\", \"CVE-2019-15221\", \"CVE-2019-17351\", \"CVE-2019-19051\", \"CVE-2019-19056\", \"CVE-2019-19066\", \"CVE-2019-19068\", \"CVE-2019-19965\", \"CVE-2019-20096\", \"CVE-2019-5108\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4286-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1066-kvm\", pkgver:\"4.4.0-1066.73\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1102-aws\", pkgver:\"4.4.0-1102.113\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1129-raspi2\", pkgver:\"4.4.0-1129.138\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1133-snapdragon\", pkgver:\"4.4.0-1133.141\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-174-generic\", pkgver:\"4.4.0-174.204\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-174-generic-lpae\", pkgver:\"4.4.0-174.204\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-174-lowlatency\", pkgver:\"4.4.0-174.204\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws\", pkgver:\"4.4.0.1102.106\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic\", pkgver:\"4.4.0.174.182\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.4.0.174.182\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-kvm\", pkgver:\"4.4.0.1066.66\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.4.0.174.182\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.4.0.1129.129\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"4.4.0.1133.125\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-virtual\", pkgver:\"4.4.0.174.182\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-aws / linux-image-4.4-generic / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:03:18", "description": "An update of the linux package has been released.", "cvss3": {}, "published": "2020-06-03T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Linux PHSA-2020-1.0-0295", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-18885"], "modified": "2020-06-04T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2020-1_0-0295_LINUX.NASL", "href": "https://www.tenable.com/plugins/nessus/137057", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-1.0-0295. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137057);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2019-18885\");\n\n script_name(english:\"Photon OS 1.0: Linux PHSA-2020-1.0-0295\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-295.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18885\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-4.4.221-3.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-dev-4.4.221-3.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-docs-4.4.221-3.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-drivers-gpu-4.4.221-3.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-esx-4.4.221-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-esx-devel-4.4.221-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-esx-docs-4.4.221-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-oprofile-4.4.221-3.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-sound-4.4.221-3.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"linux-tools-4.4.221-3.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:00:19", "description": "An update of the linux package has been released.", "cvss3": {}, "published": "2020-05-27T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Linux PHSA-2020-2.0-0245", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-18885"], "modified": "2020-06-04T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2020-2_0-0245_LINUX.NASL", "href": "https://www.tenable.com/plugins/nessus/136901", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-2.0-0245. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136901);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2019-18885\");\n\n script_name(english:\"Photon OS 2.0: Linux PHSA-2020-2.0-0245\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-245.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18885\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-aws-4.9.221-3.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-aws-devel-4.9.221-3.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-aws-docs-4.9.221-3.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-aws-drivers-gpu-4.9.221-3.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-aws-oprofile-4.9.221-3.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-aws-sound-4.9.221-3.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-secure-4.9.221-3.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-secure-devel-4.9.221-3.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-secure-docs-4.9.221-3.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-secure-lkcm-4.9.221-3.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:56:42", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system:\n memory allocation, process allocation, device input and output, etc.Security Fix(es):In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file).(CVE-2019-19770)mwifiex_tm_cmd in driverset/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service.(CVE-2019-20095)TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.(CVE-2019-11135)A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.(CVE-2019-19062)In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c.(CVE-2019-19543)In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5.(CVE-2019-19965)In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.(CVE-2019-19966)An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest memory, aka CID-6ef36ab967c7.(CVE-2019-17351)A memory leak in the crypto_reportstat() function in drivers/virt/vboxguest/vboxguest_utils.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering copy_form_user() failures, aka CID-e0b0cb938864.(CVE-2019-19048)kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel it only causes mismanagement of application execution.)(CVE-2019-19922)An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service.(CVE-2019-19332)A flaw was found in the fix for CVE-2019-11135, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. When a guest is running on a host CPU affected by the TAA flaw (TAA_NO=0), but is not affected by the MDS issue (MDS_NO=1), the guest was to clear the affected buffers by using a VERW instruction mechanism. But when the MDS_NO=1 bit was exported to the guests, the guests did not use the VERW mechanism to clear the affected buffers. This issue affects guests running on Cascade Lake CPUs and requires that host has 'TSX' enabled. Confidentiality of data is the highest threat associated with this vulnerability.(CVE-2019-19338)In the Linux kernel 5.0.0-rc7 (as distributed in ubuntu/linux.git on kernel.ubuntu.com), mounting a crafted f2fs filesystem image and performing some operations can lead to slab-out-of-bounds read access in ttm_put_pages in drivers/gpu/drm/ttm/ttm_page_alloc.c. This is related to the vmwgfx or ttm module.(CVE-2019-19927)In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is related to i915_gem_context_destroy_ioctl in drivers/gpu/drm/i915/i915_gem_context.c.(CVE-2020-7053) In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the driverset/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.(CVE-2019-19947)In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e.(CVE-2019-20054)In the Linux kernel before 5.1, there is a memory leak in\n __feat_register_sp() in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b.(CVE-2019-20096)A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP.(CVE-2019-14896)A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could allow the remote device to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2019-14895)A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of an AP) and connects to another STA.(CVE-2019-14897)An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to different denial-of-service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby APs of the same wireless infrastructure.\n An attacker can forge Authentication and Association Request packets to trigger this vulnerability.(CVE-2019-5108)drivers/gpu/drm/radeon/rad eon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.(CVE-2019-16230)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-02-25T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : kernel (EulerOS-SA-2020-1158)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-11135", "CVE-2019-14895", "CVE-2019-14896", "CVE-2019-14897", "CVE-2019-16230", "CVE-2019-17351", "CVE-2019-19048", "CVE-2019-19062", "CVE-2019-19332", "CVE-2019-19338", "CVE-2019-19543", "CVE-2019-19770", "CVE-2019-19922", "CVE-2019-19927", "CVE-2019-19947", "CVE-2019-19965", "CVE-2019-19966", "CVE-2019-20054", "CVE-2019-20095", "CVE-2019-20096", "CVE-2019-5108", "CVE-2020-7053"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bpftool", "p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-source", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1158.NASL", "href": "https://www.tenable.com/plugins/nessus/133992", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133992);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-11135\",\n \"CVE-2019-14895\",\n \"CVE-2019-14896\",\n \"CVE-2019-14897\",\n \"CVE-2019-16230\",\n \"CVE-2019-17351\",\n \"CVE-2019-19048\",\n \"CVE-2019-19062\",\n \"CVE-2019-19332\",\n \"CVE-2019-19338\",\n \"CVE-2019-19543\",\n \"CVE-2019-19770\",\n \"CVE-2019-19922\",\n \"CVE-2019-19927\",\n \"CVE-2019-19947\",\n \"CVE-2019-19965\",\n \"CVE-2019-19966\",\n \"CVE-2019-20054\",\n \"CVE-2019-20095\",\n \"CVE-2019-20096\",\n \"CVE-2019-5108\",\n \"CVE-2020-7053\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : kernel (EulerOS-SA-2020-1158)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The kernel package contains the Linux kernel (vmlinuz),\n the core of any Linux operating system. The kernel\n handles the basic functions of the operating system:\n memory allocation, process allocation, device input and\n output, etc.Security Fix(es):In the Linux kernel\n 4.19.83, there is a use-after-free (read) in the\n debugfs_remove function in fs/debugfs/inode.c (which is\n used to remove a file or directory in debugfs that was\n previously created with a call to another debugfs\n function such as\n debugfs_create_file).(CVE-2019-19770)mwifiex_tm_cmd in\n driverset/wireless/marvell/mwifiex/cfg80211.c in the\n Linux kernel before 5.1.6 has some error-handling cases\n that did not free allocated hostcmd memory, aka\n CID-003b686ace82. This will cause a memory leak and\n denial of service.(CVE-2019-20095)TSX Asynchronous\n Abort condition on some CPUs utilizing speculative\n execution may allow an authenticated user to\n potentially enable information disclosure via a side\n channel with local access.(CVE-2019-11135)A memory leak\n in the crypto_report() function in\n crypto/crypto_user_base.c in the Linux kernel through\n 5.3.11 allows attackers to cause a denial of service\n (memory consumption) by triggering crypto_report_alg()\n failures, aka CID-ffdde5932042.(CVE-2019-19062)In the\n Linux kernel before 5.1.6, there is a use-after-free in\n serial_ir_init_module() in\n drivers/media/rc/serial_ir.c.(CVE-2019-19543)In the\n Linux kernel through 5.4.6, there is a NULL pointer\n dereference in drivers/scsi/libsas/sas_discover.c\n because of mishandling of port disconnection during\n discovery, related to a PHY down race condition, aka\n CID-f70267f379b5.(CVE-2019-19965)In the Linux kernel\n before 5.1.6, there is a use-after-free in cpia2_exit()\n in drivers/media/usb/cpia2/cpia2_v4l.c that will cause\n denial of service, aka\n CID-dea37a972655.(CVE-2019-19966)An issue was\n discovered in drivers/xen/balloon.c in the Linux kernel\n before 5.2.3, as used in Xen through 4.12.x, allowing\n guest OS users to cause a denial of service because of\n unrestricted resource consumption during the mapping of\n guest memory, aka CID-6ef36ab967c7.(CVE-2019-17351)A\n memory leak in the crypto_reportstat() function in\n drivers/virt/vboxguest/vboxguest_utils.c in the Linux\n kernel before 5.3.9 allows attackers to cause a denial\n of service (memory consumption) by triggering\n copy_form_user() failures, aka\n CID-e0b0cb938864.(CVE-2019-19048)kernel/sched/fair.c in\n the Linux kernel before 5.3.9, when cpu.cfs_quota_us is\n used (e.g., with Kubernetes), allows attackers to cause\n a denial of service against non-cpu-bound applications\n by generating a workload that triggers unwanted slice\n expiration, aka CID-de53fd7aedb1. (In other words,\n although this slice expiration would typically be seen\n with benign workloads, it is possible that an attacker\n could calculate how many stray requests are required to\n force an entire Kubernetes cluster into a\n low-performance state caused by slice expiration, and\n ensure that a DDoS attack sent that number of stray\n requests. An attack does not affect the stability of\n the kernel it only causes mismanagement of application\n execution.)(CVE-2019-19922)An out-of-bounds memory\n write issue was found in the Linux Kernel, version 3.13\n through 5.4, in the way the Linux kernel's KVM\n hypervisor handled the 'KVM_GET_EMULATED_CPUID'\n ioctl(2) request to get CPUID features emulated by the\n KVM hypervisor. A user or process able to access the\n '/dev/kvm' device could use this flaw to crash the\n system, resulting in a denial of\n service.(CVE-2019-19332)A flaw was found in the fix for\n CVE-2019-11135, the way Intel CPUs handle speculative\n execution of instructions when a TSX Asynchronous Abort\n (TAA) error occurs. When a guest is running on a host\n CPU affected by the TAA flaw (TAA_NO=0), but is not\n affected by the MDS issue (MDS_NO=1), the guest was to\n clear the affected buffers by using a VERW instruction\n mechanism. But when the MDS_NO=1 bit was exported to\n the guests, the guests did not use the VERW mechanism\n to clear the affected buffers. This issue affects\n guests running on Cascade Lake CPUs and requires that\n host has 'TSX' enabled. Confidentiality of data is the\n highest threat associated with this\n vulnerability.(CVE-2019-19338)In the Linux kernel\n 5.0.0-rc7 (as distributed in ubuntu/linux.git on\n kernel.ubuntu.com), mounting a crafted f2fs filesystem\n image and performing some operations can lead to\n slab-out-of-bounds read access in ttm_put_pages in\n drivers/gpu/drm/ttm/ttm_page_alloc.c. This is related\n to the vmwgfx or ttm module.(CVE-2019-19927)In the\n Linux kernel 4.14 longterm through 4.14.165 and 4.19\n longterm through 4.19.96 (and 5.x before 5.2), there is\n a use-after-free (write) in the i915_ppgtt_close\n function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka\n CID-7dc40713618c. This is related to\n i915_gem_context_destroy_ioctl in\n drivers/gpu/drm/i915/i915_gem_context.c.(CVE-2020-7053)\n In the Linux kernel through 5.4.6, there are\n information leaks of uninitialized memory to a USB\n device in the\n driverset/can/usb/kvaser_usb/kvaser_usb_leaf.c driver,\n aka CID-da2311a6385c.(CVE-2019-19947)In the Linux\n kernel before 5.0.6, there is a NULL pointer\n dereference in drop_sysctl_table() in\n fs/proc/proc_sysctl.c, related to put_links, aka\n CID-23da9588037e.(CVE-2019-20054)In the Linux kernel\n before 5.1, there is a memory leak in\n __feat_register_sp() in net/dccp/feat.c, which may\n cause denial of service, aka\n CID-1d3ff0950e2b.(CVE-2019-20096)A heap-based buffer\n overflow vulnerability was found in the Linux kernel,\n version kernel-2.6.32, in Marvell WiFi chip driver. A\n remote attacker could cause a denial of service (system\n crash) or, possibly execute arbitrary code, when the\n lbs_ibss_join_existing function is called after a STA\n connects to an AP.(CVE-2019-14896)A heap-based buffer\n overflow was discovered in the Linux kernel, all\n versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi\n chip driver. The flaw could occur when the station\n attempts a connection negotiation during the handling\n of the remote devices country settings. This could\n allow the remote device to cause a denial of service\n (system crash) or possibly execute arbitrary\n code.(CVE-2019-14895)A stack-based buffer overflow was\n found in the Linux kernel, version kernel-2.6.32, in\n Marvell WiFi chip driver. An attacker is able to cause\n a denial of service (system crash) or, possibly execute\n arbitrary code, when a STA works in IBSS mode (allows\n connecting stations together without the use of an AP)\n and connects to another STA.(CVE-2019-14897)An\n exploitable denial-of-service vulnerability exists in\n the Linux kernel prior to mainline 5.3. An attacker\n could exploit this vulnerability by triggering AP to\n send IAPP location updates for stations before the\n required authentication process has completed. This\n could lead to different denial-of-service scenarios,\n either by causing CAM table attacks, or by leading to\n traffic flapping if faking already existing clients in\n other nearby APs of the same wireless infrastructure.\n An attacker can forge Authentication and Association\n Request packets to trigger this\n vulnerability.(CVE-2019-5108)drivers/gpu/drm/radeon/rad\n eon_display.c in the Linux kernel 5.2.14 does not check\n the alloc_workqueue return value, leading to a NULL\n pointer dereference.(CVE-2019-16230)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1158\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e66e3a3b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"bpftool-4.19.36-vhulk1907.1.0.h683.eulerosv2r8\",\n \"kernel-4.19.36-vhulk1907.1.0.h683.eulerosv2r8\",\n \"kernel-devel-4.19.36-vhulk1907.1.0.h683.eulerosv2r8\",\n \"kernel-headers-4.19.36-vhulk1907.1.0.h683.eulerosv2r8\",\n \"kernel-source-4.19.36-vhulk1907.1.0.h683.eulerosv2r8\",\n \"kernel-tools-4.19.36-vhulk1907.1.0.h683.eulerosv2r8\",\n \"kernel-tools-libs-4.19.36-vhulk1907.1.0.h683.eulerosv2r8\",\n \"perf-4.19.36-vhulk1907.1.0.h683.eulerosv2r8\",\n \"python-perf-4.19.36-vhulk1907.1.0.h683.eulerosv2r8\",\n \"python3-perf-4.19.36-vhulk1907.1.0.h683.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:57:54", "description": "The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5560 advisory.\n\n - An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.\n (CVE-2019-15291)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-03-09T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2020-5560)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15291"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2020-5560.NASL", "href": "https://www.tenable.com/plugins/nessus/134343", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-5560.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134343);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2019-15291\");\n\n script_name(english:\"Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2020-5560)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2020-5560 advisory.\n\n - An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a\n malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.\n (CVE-2019-15291)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-5560.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15291\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['2.6.39-400.320.1.el6uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2020-5560');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '2.6';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-2.6.39-400.320.1.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.39'},\n {'reference':'kernel-uek-2.6.39-400.320.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-2.6.39'},\n {'reference':'kernel-uek-debug-2.6.39-400.320.1.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.39'},\n {'reference':'kernel-uek-debug-2.6.39-400.320.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-2.6.39'},\n {'reference':'kernel-uek-debug-devel-2.6.39-400.320.1.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.39'},\n {'reference':'kernel-uek-debug-devel-2.6.39-400.320.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-2.6.39'},\n {'reference':'kernel-uek-devel-2.6.39-400.320.1.el6uek', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.39'},\n {'reference':'kernel-uek-devel-2.6.39-400.320.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-2.6.39'},\n {'reference':'kernel-uek-doc-2.6.39-400.320.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-2.6.39'},\n {'reference':'kernel-uek-firmware-2.6.39-400.320.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-2.6.39'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:57:36", "description": "The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5559 advisory.\n\n - An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.\n (CVE-2019-15291)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-03-09T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5559)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15291"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.43.1.el6uek", "p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.43.1.el7uek", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2020-5559.NASL", "href": "https://www.tenable.com/plugins/nessus/134342", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-5559.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134342);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2019-15291\");\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2020-5559)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2020-5559 advisory.\n\n - An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a\n malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver.\n (CVE-2019-15291)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-5559.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15291\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.43.1.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-118.43.1.el7uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6 / 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['3.8.13-118.43.1.el6uek', '3.8.13-118.43.1.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2020-5559');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '3.8';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'dtrace-modules-3.8.13-118.43.1.el6uek-0.4.5-3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-3.8.13-118.43.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-3.8.13'},\n {'reference':'kernel-uek-debug-3.8.13-118.43.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-3.8.13'},\n {'reference':'kernel-uek-debug-devel-3.8.13-118.43.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-3.8.13'},\n {'reference':'kernel-uek-devel-3.8.13-118.43.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-3.8.13'},\n {'reference':'kernel-uek-doc-3.8.13-118.43.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-3.8.13'},\n {'reference':'kernel-uek-firmware-3.8.13-118.43.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-3.8.13'},\n {'reference':'dtrace-modules-3.8.13-118.43.1.el7uek-0.4.5-3.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-3.8.13-118.43.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-3.8.13'},\n {'reference':'kernel-uek-debug-3.8.13-118.43.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-3.8.13'},\n {'reference':'kernel-uek-debug-devel-3.8.13-118.43.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-3.8.13'},\n {'reference':'kernel-uek-devel-3.8.13-118.43.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-3.8.13'},\n {'reference':'kernel-uek-doc-3.8.13-118.43.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-3.8.13'},\n {'reference':'kernel-uek-firmware-3.8.13-118.43.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-3.8.13'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dtrace-modules-3.8.13-118.43.1.el6uek / dtrace-modules-3.8.13-118.43.1.el7uek / kernel-uek / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:32:17", "description": "The 5.3.16 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-17T00:00:00", "type": "nessus", "title": "Fedora 31 : kernel (2019-39e97683e8)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19332"], "modified": "2020-01-30T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2019-39E97683E8.NASL", "href": "https://www.tenable.com/plugins/nessus/132083", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-39e97683e8.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132083);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/30\");\n\n script_cve_id(\"CVE-2019-19332\");\n script_xref(name:\"FEDORA\", value:\"2019-39e97683e8\");\n\n script_name(english:\"Fedora 31 : kernel (2019-39e97683e8)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 5.3.16 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-39e97683e8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-19332\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-39e97683e8\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"kernel-5.3.16-300.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:55:15", "description": "USN-4253-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10.\nThis update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 19.10 for Ubuntu 18.04 LTS.\n\nIt was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-01-30T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS : Linux kernel (HWE) vulnerability (USN-4253-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14615"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-4253-2.NASL", "href": "https://www.tenable.com/plugins/nessus/133350", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4253-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133350);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-14615\");\n script_xref(name:\"USN\", value:\"4253-2\");\n\n script_name(english:\"Ubuntu 18.04 LTS : Linux kernel (HWE) vulnerability (USN-4253-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-4253-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10.\nThis update provides the corresponding updates for the Linux Hardware\nEnablement (HWE) kernel from Ubuntu 19.10 for Ubuntu 18.04 LTS.\n\nIt was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4253-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14615\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-14615\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4253-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.3.0-28-generic\", pkgver:\"5.3.0-28.30~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.3.0-28-generic-lpae\", pkgver:\"5.3.0-28.30~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.3.0-28-lowlatency\", pkgver:\"5.3.0-28.30~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-hwe-18.04\", pkgver:\"5.3.0.28.96\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-lpae-hwe-18.04\", pkgver:\"5.3.0.28.96\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-lowlatency-hwe-18.04\", pkgver:\"5.3.0.28.96\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-snapdragon-hwe-18.04\", pkgver:\"5.3.0.28.96\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-virtual-hwe-18.04\", pkgver:\"5.3.0.28.96\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-5.3-generic / linux-image-5.3-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:55:17", "description": "It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-01-28T00:00:00", "type": "nessus", "title": "Ubuntu 19.10 : Linux kernel vulnerability (USN-4253-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14615"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "cpe:/o:canonical:ubuntu_linux:19.10"], "id": "UBUNTU_USN-4253-1.NASL", "href": "https://www.tenable.com/plugins/nessus/133292", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4253-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133292);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2019-14615\");\n script_xref(name:\"USN\", value:\"4253-1\");\n\n script_name(english:\"Ubuntu 19.10 : Linux kernel vulnerability (USN-4253-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors.\nA local attacker could use this to expose sensitive information.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4253-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14615\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.3-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(19\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 19.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-14615\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4253-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-5.3.0-1010-aws\", pkgver:\"5.3.0-1010.11\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-5.3.0-29-generic\", pkgver:\"5.3.0-29.31\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-5.3.0-29-generic-lpae\", pkgver:\"5.3.0-29.31\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-5.3.0-29-lowlatency\", pkgver:\"5.3.0-29.31\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-5.3.0-29-snapdragon\", pkgver:\"5.3.0-29.31\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-aws\", pkgver:\"5.3.0.1010.12\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-generic\", pkgver:\"5.3.0.29.33\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-generic-lpae\", pkgver:\"5.3.0.29.33\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-lowlatency\", pkgver:\"5.3.0.29.33\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"linux-image-virtual\", pkgver:\"5.3.0.29.33\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-5.3-aws / linux-image-5.3-generic / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:55:27", "description": "Intel reports :\n\n.A potential security vulnerability in Intel(R) Processor Graphics may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability.\n\nDescription: Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.\n\nThis patch provides mitigation for Gen9 hardware only. Patches for Gen7 and Gen7.5 will be provided later. Note that Gen8 is not impacted due to a previously implemented workaround. The mitigation involves using an existing hardware feature to forcibly clear down all EU state at each context switch.", "cvss3": {}, "published": "2020-01-16T00:00:00", "type": "nessus", "title": "FreeBSD : drm graphics drivers -- potential information disclusure via local access (d2c2c815-3793-11ea-8be3-54e1ad3d6335)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14615"], "modified": "2020-02-19T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:drm-current-kmod", "p-cpe:/a:freebsd:freebsd:drm-devel-kmod", "p-cpe:/a:freebsd:freebsd:drm-fbsd11.2-kmod", "p-cpe:/a:freebsd:freebsd:drm-fbsd12.0-kmod", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_D2C2C815379311EA8BE354E1AD3D6335.NASL", "href": "https://www.tenable.com/plugins/nessus/132943", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132943);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/02/19\");\n\n script_cve_id(\"CVE-2019-14615\");\n\n script_name(english:\"FreeBSD : drm graphics drivers -- potential information disclusure via local access (d2c2c815-3793-11ea-8be3-54e1ad3d6335)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Intel reports :\n\n.A potential security vulnerability in Intel(R) Processor Graphics may\nallow information disclosure. Intel is releasing software updates to\nmitigate this potential vulnerability.\n\nDescription: Insufficient control flow in certain data structures for\nsome Intel(R) Processors with Intel(R) Processor Graphics may allow an\nunauthenticated user to potentially enable information disclosure via\nlocal access.\n\nThis patch provides mitigation for Gen9 hardware only. Patches for\nGen7 and Gen7.5 will be provided later. Note that Gen8 is not impacted\ndue to a previously implemented workaround. The mitigation involves\nusing an existing hardware feature to forcibly clear down all EU state\nat each context switch.\"\n );\n # https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00314.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0057a26c\"\n );\n # https://vuxml.freebsd.org/freebsd/d2c2c815-3793-11ea-8be3-54e1ad3d6335.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4290df62\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14615\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:drm-current-kmod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:drm-devel-kmod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:drm-fbsd11.2-kmod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:drm-fbsd12.0-kmod\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"drm-fbsd11.2-kmod<4.11.g20200115\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"drm-fbsd12.0-kmod<4.16.g20200115\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"drm-current-kmod<4.16.g20200115\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"drm-devel-kmod<5.0.g20200115\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:pkg_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:04", "description": "The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2019-14895: A heap-based buffer overflow was discovered in the Linux kernel in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could have allowed the remote device to cause a denial of service (system crash) or possibly execute arbitrary code (bnc#1157158).\n\nCVE-2019-18660: The Linux kernel on powerpc allowed Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c (bnc#1157038).\n\nCVE-2019-18683: An issue was discovered in drivers/media/platform/vivid in the Linux kernel. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded.\nThere are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free (bnc#1155897).\n\nCVE-2019-18809: A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1156258).\n\nCVE-2019-19062: A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures (bnc#1157333).\n\nCVE-2019-19057: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures (bnc#1157197).\n\nCVE-2019-19056: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures (bnc#1157197).\n\nCVE-2019-19068: A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures (bnc#1157307).\n\nCVE-2019-19063: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157298).\n\nCVE-2019-19227: In the AppleTalk subsystem in the Linux kernel there was a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client (bnc#1157678).\n\nCVE-2019-19065: A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures (bnc#1157191).\n\nCVE-2019-19077: A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering copy to udata failures (bnc#1157171).\n\nCVE-2019-19052: A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures (bnc#1157324).\n\nCVE-2019-19067: Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures (bsc#1157180).\n\nCVE-2019-19060: A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157178).\n\nCVE-2019-19049: A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures (bsc#1157173).\n\nCVE-2019-19075: A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures (bnc#1157162).\n\nCVE-2019-19058: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures (bnc#1157145).\n\nCVE-2019-19074: A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157143).\n\nCVE-2019-19073: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function (bnc#1157070).\n\nCVE-2019-15916: An issue was discovered in the Linux kernel There was a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service (bnc#1149448).\n\nCVE-2019-16231: drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150466).\n\nCVE-2019-18805: An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel There was a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact (bnc#1156187).\n\nCVE-2019-17055: base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel did not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket (bnc#1152782).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-23T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:3371-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14895", "CVE-2019-15916", "CVE-2019-16231", "CVE-2019-17055", "CVE-2019-18660", "CVE-2019-18683", "CVE-2019-18805", "CVE-2019-18809", "CVE-2019-19049", "CVE-2019-19052", "CVE-2019-19056", "CVE-2019-19057", "CVE-2019-19058", "CVE-2019-19060", "CVE-2019-19062", "CVE-2019-19063", "CVE-2019-19065", "CVE-2019-19067", "CVE-2019-19068", "CVE-2019-19073", "CVE-2019-19074", "CVE-2019-19075", "CVE-2019-19077", "CVE-2019-19227"], "modified": "2019-12-27T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-3371-1.NASL", "href": "https://www.tenable.com/plugins/nessus/132389", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:3371-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132389);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/27\");\n\n script_cve_id(\"CVE-2019-14895\", \"CVE-2019-15916\", \"CVE-2019-16231\", \"CVE-2019-17055\", \"CVE-2019-18660\", \"CVE-2019-18683\", \"CVE-2019-18805\", \"CVE-2019-18809\", \"CVE-2019-19049\", \"CVE-2019-19052\", \"CVE-2019-19056\", \"CVE-2019-19057\", \"CVE-2019-19058\", \"CVE-2019-19060\", \"CVE-2019-19062\", \"CVE-2019-19063\", \"CVE-2019-19065\", \"CVE-2019-19067\", \"CVE-2019-19068\", \"CVE-2019-19073\", \"CVE-2019-19074\", \"CVE-2019-19075\", \"CVE-2019-19077\", \"CVE-2019-19227\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:3371-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various\nsecurity and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2019-14895: A heap-based buffer overflow was discovered in the\nLinux kernel in Marvell WiFi chip driver. The flaw could occur when\nthe station attempts a connection negotiation during the handling of\nthe remote devices country settings. This could have allowed the\nremote device to cause a denial of service (system crash) or possibly\nexecute arbitrary code (bnc#1157158).\n\nCVE-2019-18660: The Linux kernel on powerpc allowed Information\nExposure because the Spectre-RSB mitigation is not in place for all\napplicable CPUs. This is related to arch/powerpc/kernel/entry_64.S and\narch/powerpc/kernel/security.c (bnc#1157038).\n\nCVE-2019-18683: An issue was discovered in\ndrivers/media/platform/vivid in the Linux kernel. It is exploitable\nfor privilege escalation on some Linux distributions where local users\nhave /dev/video0 access, but only if the driver happens to be loaded.\nThere are multiple race conditions during streaming stopping in this\ndriver (part of the V4L2 subsystem). These issues are caused by wrong\nmutex locking in vivid_stop_generating_vid_cap(),\nvivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the\ncorresponding kthreads. At least one of these race conditions leads to\na use-after-free (bnc#1155897).\n\nCVE-2019-18809: A memory leak in the af9005_identify_state() function\nin drivers/media/usb/dvb-usb/af9005.c in the Linux kernel allowed\nattackers to cause a denial of service (memory consumption)\n(bnc#1156258).\n\nCVE-2019-19062: A memory leak in the crypto_report() function in\ncrypto/crypto_user_base.c in the Linux kernel allowed attackers to\ncause a denial of service (memory consumption) by triggering\ncrypto_report_alg() failures (bnc#1157333).\n\nCVE-2019-19057: Two memory leaks in the mwifiex_pcie_init_evt_ring()\nfunction in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux\nkernel allowed attackers to cause a denial of service (memory\nconsumption) by triggering mwifiex_map_pci_memory() failures\n(bnc#1157197).\n\nCVE-2019-19056: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf()\nfunction in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux\nkernel allowed attackers to cause a denial of service (memory\nconsumption) by triggering mwifiex_map_pci_memory() failures\n(bnc#1157197).\n\nCVE-2019-19068: A memory leak in the rtl8xxxu_submit_int_urb()\nfunction in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in\nthe Linux kernel allowed attackers to cause a denial of service\n(memory consumption) by triggering usb_submit_urb() failures\n(bnc#1157307).\n\nCVE-2019-19063: Two memory leaks in the rtl_usb_probe() function in\ndrivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel allowed\nattackers to cause a denial of service (memory consumption)\n(bnc#1157298).\n\nCVE-2019-19227: In the AppleTalk subsystem in the Linux kernel there\nwas a potential NULL pointer dereference because register_snap_client\nmay return NULL. This will lead to denial of service in\nnet/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by\nunregister_snap_client (bnc#1157678).\n\nCVE-2019-19065: A memory leak in the sdma_init() function in\ndrivers/infiniband/hw/hfi1/sdma.c in the Linux kernel allowed\nattackers to cause a denial of service (memory consumption) by\ntriggering rhashtable_init() failures (bnc#1157191).\n\nCVE-2019-19077: A memory leak in the bnxt_re_create_srq() function in\ndrivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel allowed\nattackers to cause a denial of service (memory consumption) by\ntriggering copy to udata failures (bnc#1157171).\n\nCVE-2019-19052: A memory leak in the gs_can_open() function in\ndrivers/net/can/usb/gs_usb.c in the Linux kernel allowed attackers to\ncause a denial of service (memory consumption) by triggering\nusb_submit_urb() failures (bnc#1157324).\n\nCVE-2019-19067: Four memory leaks in the acp_hw_init() function in\ndrivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel allowed\nattackers to cause a denial of service (memory consumption) by\ntriggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures\n(bsc#1157180).\n\nCVE-2019-19060: A memory leak in the adis_update_scan_mode() function\nin drivers/iio/imu/adis_buffer.c in the Linux kernel allowed attackers\nto cause a denial of service (memory consumption) (bnc#1157178).\n\nCVE-2019-19049: A memory leak in the unittest_data_add() function in\ndrivers/of/unittest.c in the Linux kernel allowed attackers to cause a\ndenial of service (memory consumption) by triggering\nof_fdt_unflatten_tree() failures (bsc#1157173).\n\nCVE-2019-19075: A memory leak in the ca8210_probe() function in\ndrivers/net/ieee802154/ca8210.c in the Linux kernel allowed attackers\nto cause a denial of service (memory consumption) by triggering\nca8210_get_platform_data() failures (bnc#1157162).\n\nCVE-2019-19058: A memory leak in the alloc_sgtable() function in\ndrivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel\nallowed attackers to cause a denial of service (memory consumption) by\ntriggering alloc_page() failures (bnc#1157145).\n\nCVE-2019-19074: A memory leak in the ath9k_wmi_cmd() function in\ndrivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel allowed\nattackers to cause a denial of service (memory consumption)\n(bnc#1157143).\n\nCVE-2019-19073: Memory leaks in\ndrivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel allowed\nattackers to cause a denial of service (memory consumption) by\ntriggering wait_for_completion_timeout() failures. This affects the\nhtc_config_pipe_credits() function, the htc_setup_complete() function,\nand the htc_connect_service() function (bnc#1157070).\n\nCVE-2019-15916: An issue was discovered in the Linux kernel There was\na memory leak in register_queue_kobjects() in net/core/net-sysfs.c,\nwhich will cause denial of service (bnc#1149448).\n\nCVE-2019-16231: drivers/net/fjes/fjes_main.c in the Linux kernel\n5.2.14 did not check the alloc_workqueue return value, leading to a\nNULL pointer dereference (bnc#1150466).\n\nCVE-2019-18805: An issue was discovered in net/ipv4/sysctl_net_ipv4.c\nin the Linux kernel There was a net/ipv4/tcp_input.c signed integer\noverflow in tcp_ack_update_rtt() when userspace writes a very large\ninteger to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of\nservice or possibly unspecified other impact (bnc#1156187).\n\nCVE-2019-17055: base_sock_create in drivers/isdn/mISDN/socket.c in the\nAF_ISDN network module in the Linux kernel did not enforce\nCAP_NET_RAW, which means that unprivileged users can create a raw\nsocket (bnc#1152782).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1048942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1078248\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089644\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1091041\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108043\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113722\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117169\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1131107\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1138039\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140948\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150466\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151548\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151900\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152782\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153628\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153681\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153811\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154043\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154058\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154124\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154355\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154526\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154956\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155692\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155836\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155897\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155921\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155982\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156187\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156258\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156466\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156471\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156494\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156700\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156882\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157038\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157042\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157070\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157143\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157145\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157162\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157171\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157173\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157180\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157183\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157298\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157424\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157499\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157678\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157698\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157778\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1157908\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158049\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158063\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158064\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158066\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158068\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1158082\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14895/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-15916/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-16231/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-17055/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-18660/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-18683/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-18805/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-18809/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19049/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19052/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19056/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19057/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19058/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19060/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19062/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19063/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19065/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19067/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19068/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19073/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19074/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19075/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19077/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-19227/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20193371-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4014466b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch\nSUSE-SLE-WE-12-SP4-2019-3371=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-3371=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-3371=1\n\nSUSE Linux Enterprise Live Patching 12-SP4:zypper in -t patch\nSUSE-SLE-Live-Patching-12-SP4-2019-3371=1\n\nSUSE Linux Enterprise High Availability 12-SP4:zypper in -t patch\nSUSE-SLE-HA-12-SP4-2019-3371=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-3371=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18805\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-devel-debuginfo-4.12.14-95.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-default-man-4.12.14-95.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-4.12.14-95.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-base-4.12.14-95.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-base-debuginfo-4.12.14-95.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-debuginfo-4.12.14-95.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-debugsource-4.12.14-95.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-devel-4.12.14-95.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-syms-4.12.14-95.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-4.12.14-95.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-4.12.14-95.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-4.12.14-95.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-devel-4.12.14-95.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-devel-debuginfo-4.12.14-95.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-extra-4.12.14-95.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-extra-debuginfo-4.12.14-95.45.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-syms-4.12.14-95.45.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:55:06", "description": "An update of the linux package has been released.", "cvss3": {}, "published": "2020-01-18T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Linux PHSA-2019-3.0-0046", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19062", "CVE-2019-19066", "CVE-2019-19072", "CVE-2019-19073", "CVE-2019-19074", "CVE-2019-19078"], "modified": "2020-01-20T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0046_LINUX.NASL", "href": "https://www.tenable.com/plugins/nessus/133061", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0046. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133061);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/20\");\n\n script_cve_id(\n \"CVE-2019-19062\",\n \"CVE-2019-19066\",\n \"CVE-2019-19072\",\n \"CVE-2019-19073\",\n \"CVE-2019-19074\",\n \"CVE-2019-19078\"\n );\n\n script_name(english:\"Photon OS 3.0: Linux PHSA-2019-3.0-0046\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-46.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19078\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_exists(rpm:\"linux-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"aarch64\", reference:\"linux-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"src\", reference:\"linux-4.19.87-1.ph3.src\")) flag++;\nif (rpm_exists(rpm:\"linux-api-headers-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-api-headers-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-api-headers-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"src\", reference:\"linux-api-headers-4.19.87-1.ph3.src\")) flag++;\nif (rpm_exists(rpm:\"linux-aws-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-aws-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-aws-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"src\", reference:\"linux-aws-4.19.87-1.ph3.src\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-aws-debuginfo-4.19.87-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-aws-devel-4.19.87-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-aws-docs-4.19.87-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-aws-drivers-gpu-4.19.87-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-aws-hmacgen-4.19.87-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-aws-oprofile-4.19.87-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-aws-sound-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-debuginfo-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"aarch64\", reference:\"linux-debuginfo-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-debuginfo-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-debuginfo-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-devel-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"aarch64\", reference:\"linux-devel-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-devel-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-devel-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-docs-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"aarch64\", reference:\"linux-docs-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-docs-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-docs-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-drivers-gpu-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"aarch64\", reference:\"linux-drivers-gpu-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-drivers-gpu-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-drivers-gpu-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-drivers-sound-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"aarch64\", reference:\"linux-drivers-sound-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-drivers-sound-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-drivers-sound-4.19.87-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"aarch64\", reference:\"linux-dtb-ls1012afrwy-4.19.87-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"aarch64\", reference:\"linux-dtb-rpi3-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-esx-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-esx-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-esx-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"src\", reference:\"linux-esx-4.19.87-1.ph3.src\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-esx-debuginfo-4.19.87-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-esx-devel-4.19.87-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-esx-docs-4.19.87-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-esx-hmacgen-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-hmacgen-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"aarch64\", reference:\"linux-hmacgen-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-hmacgen-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-hmacgen-4.19.87-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-oprofile-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-secure-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-secure-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-secure-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"src\", reference:\"linux-secure-4.19.87-1.ph3.src\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-secure-debuginfo-4.19.87-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-secure-devel-4.19.87-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-secure-docs-4.19.87-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-secure-hmacgen-4.19.87-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-secure-lkcm-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-tools-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"aarch64\", reference:\"linux-tools-4.19.87-1.ph3\")) flag++;\nif (rpm_exists(rpm:\"linux-tools-4.19\", release:\"PhotonOS-3.0\") && rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"linux-tools-4.19.87-1.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:32:12", "description": "The 5.3.14 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-09T00:00:00", "type": "nessus", "title": "Fedora 30 : kernel (2019-124a241044)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16232", "CVE-2019-18660", "CVE-2019-18808", "CVE-2019-18809", "CVE-2019-18811", "CVE-2019-18812"], "modified": "2020-01-30T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-124A241044.NASL", "href": "https://www.tenable.com/plugins/nessus/131787", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-124a241044.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131787);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/30\");\n\n script_cve_id(\"CVE-2019-16232\", \"CVE-2019-18660\", \"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18811\", \"CVE-2019-18812\");\n script_xref(name:\"FEDORA\", value:\"2019-124a241044\");\n\n script_name(english:\"Fedora 30 : kernel (2019-124a241044)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 5.3.14 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-124a241044\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18660\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-16232\", \"CVE-2019-18660\", \"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18811\", \"CVE-2019-18812\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-124a241044\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"kernel-5.3.14-200.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:10", "description": "The 5.3.14 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-06T00:00:00", "type": "nessus", "title": "Fedora 31 : kernel (2019-b86a7bdba0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16232", "CVE-2019-18660", "CVE-2019-18808", "CVE-2019-18809", "CVE-2019-18811", "CVE-2019-18812"], "modified": "2020-01-30T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2019-B86A7BDBA0.NASL", "href": "https://www.tenable.com/plugins/nessus/131742", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-b86a7bdba0.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131742);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/30\");\n\n script_cve_id(\"CVE-2019-16232\", \"CVE-2019-18660\", \"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18811\", \"CVE-2019-18812\");\n script_xref(name:\"FEDORA\", value:\"2019-b86a7bdba0\");\n\n script_name(english:\"Fedora 31 : kernel (2019-b86a7bdba0)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 5.3.14 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-b86a7bdba0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18660\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-16232\", \"CVE-2019-18660\", \"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18811\", \"CVE-2019-18812\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-b86a7bdba0\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"kernel-5.3.14-300.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "ubuntu": [{"lastseen": "2023-06-10T19:24:43", "description": "## Releases\n\n * Ubuntu 18.04 ESM\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * linux \\- Linux kernel\n * linux-aws \\- Linux kernel for Amazon Web Services (AWS) systems\n * linux-aws-hwe \\- Linux kernel for Amazon Web Services (AWS-HWE) systems\n * linux-azure \\- Linux kernel for Microsoft Azure Cloud systems\n * linux-gcp \\- Linux kernel for Google Cloud Platform (GCP) systems\n * linux-gke-4.15 \\- Linux kernel for Google Container Engine (GKE) systems\n * linux-hwe \\- Linux hardware enablement (HWE) kernel\n * linux-kvm \\- Linux kernel for cloud environments\n * linux-oracle \\- Linux kernel for Oracle Cloud systems\n * linux-raspi2 \\- Linux kernel for Raspberry Pi 2\n * linux-snapdragon \\- Linux kernel for Snapdragon processors\n\nIt was discovered that the Linux kernel did not properly clear data \nstructures on context switches for certain Intel graphics processors. A \nlocal attacker could use this to expose sensitive information. \n(CVE-2019-14615)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in \nthe Linux kernel did not properly validate device metadata. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2019-15099)\n\nIt was discovered that the HSA Linux kernel driver for AMD GPU devices did \nnot properly check for errors in certain situations, leading to a NULL \npointer dereference. A local attacker could possibly use this to cause a \ndenial of service. (CVE-2019-16229)\n\nIt was discovered that the Marvell 8xxx Libertas WLAN device driver in the \nLinux kernel did not properly check for errors in certain situations, \nleading to a NULL pointer dereference. A local attacker could possibly use \nthis to cause a denial of service. (CVE-2019-16232)\n\nIt was discovered that a race condition existed in the Virtual Video Test \nDriver in the Linux kernel. An attacker with write access to /dev/video0 on \na system with the vivid module loaded could possibly use this to gain \nadministrative privileges. (CVE-2019-18683)\n\nIt was discovered that the Renesas Digital Radio Interface (DRIF) driver in \nthe Linux kernel did not properly initialize data. A local attacker could \npossibly use this to expose sensitive information (kernel memory). \n(CVE-2019-18786)\n\nIt was discovered that the Afatech AF9005 DVB-T USB device driver in the \nLinux kernel did not properly deallocate memory in certain error \nconditions. A local attacker could possibly use this to cause a denial of \nservice (kernel memory exhaustion). (CVE-2019-18809)\n\nIt was discovered that the btrfs file system in the Linux kernel did not \nproperly validate metadata, leading to a NULL pointer dereference. An \nattacker could use this to specially craft a file system image that, when \nmounted, could cause a denial of service (system crash). (CVE-2019-18885)\n\nIt was discovered that multiple memory leaks existed in the Marvell WiFi-Ex \nDriver for the Linux kernel. A local attacker could possibly use this to \ncause a denial of service (kernel memory exhaustion). (CVE-2019-19057)\n\nIt was discovered that the crypto subsystem in the Linux kernel did not \nproperly deallocate memory in certain error conditions. A local attacker \ncould use this to cause a denial of service (kernel memory exhaustion). \n(CVE-2019-19062)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the Linux \nkernel did not properly deallocate memory in certain error conditions. A \nlocal attacker could possibly use this to cause a denial of service (kernel \nmemory exhaustion). (CVE-2019-19063)\n\nIt was discovered that the RSI 91x WLAN device driver in the Linux kernel \ndid not properly deallocate memory in certain error conditions. A local \nattacker could use this to cause a denial of service (kernel memory \nexhaustion). (CVE-2019-19071)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in \nthe Linux kernel did not properly deallocate memory in certain error \nconditions. A local attacker could possibly use this to cause a denial of \nservice (kernel memory exhaustion). (CVE-2019-19078)\n\nIt was discovered that the AMD GPU device drivers in the Linux kernel did \nnot properly deallocate memory in certain error conditions. A local \nattacker could use this to possibly cause a denial of service (kernel \nmemory exhaustion). (CVE-2019-19082)\n\nDan Carpenter discovered that the AppleTalk networking subsystem of the \nLinux kernel did not properly handle certain error conditions, leading to a \nNULL pointer dereference. A local attacker could use this to cause a denial \nof service (system crash). (CVE-2019-19227)\n\nIt was discovered that the KVM hypervisor implementation in the Linux \nkernel did not properly handle ioctl requests to get emulated CPUID \nfeatures. An attacker with access to /dev/kvm could use this to cause a \ndenial of service (system crash). (CVE-2019-19332)\n\nIt was discovered that the ext4 file system implementation in the Linux \nkernel did not properly handle certain conditions. An attacker could use \nthis to specially craft an ext4 file system that, when mounted, could cause \na denial of service (system crash) or possibly execute arbitrary code. \n(CVE-2019-19767)\n\nGao Chuan discovered that the SAS Class driver in the Linux kernel \ncontained a race condition that could lead to a NULL pointer dereference. A \nlocal attacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2019-19965)\n\nIt was discovered that the Datagram Congestion Control Protocol (DCCP) \nimplementation in the Linux kernel did not properly deallocate memory in \ncertain error conditions. An attacker could possibly use this to cause a \ndenial of service (kernel memory exhaustion). (CVE-2019-20096)\n\nMitchell Frank discovered that the Wi-Fi implementation in the Linux kernel \nwhen used as an access point would send IAPP location updates for stations \nbefore client authentication had completed. A physically proximate attacker \ncould use this to cause a denial of service. (CVE-2019-5108)\n\nIt was discovered that a race condition can lead to a use-after-free while \ndestroying GEM contexts in the i915 driver for the Linux kernel. A local \nattacker could use this to cause a denial of service (system crash) or \npossibly execute arbitrary code. (CVE-2020-7053)\n\nIt was discovered that the B2C2 FlexCop USB device driver in the Linux \nkernel did not properly validate device metadata. A physically proximate \nattacker could use this to cause a denial of service (system crash). \n(CVE-2019-15291)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-18T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14615", "CVE-2019-15099", "CVE-2019-15291", "CVE-2019-16229", "CVE-2019-16232", "CVE-2019-18683", "CVE-2019-18786", "CVE-2019-18809", "CVE-2019-18885", "CVE-2019-19057", "CVE-2019-19062", "CVE-2019-19063", "CVE-2019-19071", "CVE-2019-19078", "CVE-2019-19082", "CVE-2019-19227", "CVE-2019-19332", "CVE-2019-19767", "CVE-2019-19965", "CVE-2019-20096", "CVE-2019-5108", "CVE-2020-7053"], "modified": "2020-02-18T00:00:00", "id": "USN-4287-1", "href": "https://ubuntu.com/security/notices/USN-4287-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T19:24:41", "description": "## Releases\n\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * linux-azure \\- Linux kernel for Microsoft Azure Cloud systems\n\nUSN-4287-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 \nLTS. This update provides the corresponding updates for the Linux \nkernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM.\n\nIt was discovered that the Linux kernel did not properly clear data \nstructures on context switches for certain Intel graphics processors. A \nlocal attacker could use this to expose sensitive information. \n(CVE-2019-14615)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in \nthe Linux kernel did not properly validate device metadata. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2019-15099)\n\nIt was discovered that the HSA Linux kernel driver for AMD GPU devices did \nnot properly check for errors in certain situations, leading to a NULL \npointer dereference. A local attacker could possibly use this to cause a \ndenial of service. (CVE-2019-16229)\n\nIt was discovered that the Marvell 8xxx Libertas WLAN device driver in the \nLinux kernel did not properly check for errors in certain situations, \nleading to a NULL pointer dereference. A local attacker could possibly use \nthis to cause a denial of service. (CVE-2019-16232)\n\nIt was discovered that a race condition existed in the Virtual Video Test \nDriver in the Linux kernel. An attacker with write access to /dev/video0 on \na system with the vivid module loaded could possibly use this to gain \nadministrative privileges. (CVE-2019-18683)\n\nIt was discovered that the Renesas Digital Radio Interface (DRIF) driver in \nthe Linux kernel did not properly initialize data. A local attacker could \npossibly use this to expose sensitive information (kernel memory). \n(CVE-2019-18786)\n\nIt was discovered that the Afatech AF9005 DVB-T USB device driver in the \nLinux kernel did not properly deallocate memory in certain error \nconditions. A local attacker could possibly use this to cause a denial of \nservice (kernel memory exhaustion). (CVE-2019-18809)\n\nIt was discovered that the btrfs file system in the Linux kernel did not \nproperly validate metadata, leading to a NULL pointer dereference. An \nattacker could use this to specially craft a file system image that, when \nmounted, could cause a denial of service (system crash). (CVE-2019-18885)\n\nIt was discovered that multiple memory leaks existed in the Marvell WiFi-Ex \nDriver for the Linux kernel. A local attacker could possibly use this to \ncause a denial of service (kernel memory exhaustion). (CVE-2019-19057)\n\nIt was discovered that the crypto subsystem in the Linux kernel did not \nproperly deallocate memory in certain error conditions. A local attacker \ncould use this to cause a denial of service (kernel memory exhaustion). \n(CVE-2019-19062)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the Linux \nkernel did not properly deallocate memory in certain error conditions. A \nlocal attacker could possibly use this to cause a denial of service (kernel \nmemory exhaustion). (CVE-2019-19063)\n\nIt was discovered that the RSI 91x WLAN device driver in the Linux kernel \ndid not properly deallocate memory in certain error conditions. A local \nattacker could use this to cause a denial of service (kernel memory \nexhaustion). (CVE-2019-19071)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in \nthe Linux kernel did not properly deallocate memory in certain error \nconditions. A local attacker could possibly use this to cause a denial of \nservice (kernel memory exhaustion). (CVE-2019-19078)\n\nIt was discovered that the AMD GPU device drivers in the Linux kernel did \nnot properly deallocate memory in certain error conditions. A local \nattacker could use this to possibly cause a denial of service (kernel \nmemory exhaustion). (CVE-2019-19082)\n\nDan Carpenter discovered that the AppleTalk networking subsystem of the \nLinux kernel did not properly handle certain error conditions, leading to a \nNULL pointer dereference. A local attacker could use this to cause a denial \nof service (system crash). (CVE-2019-19227)\n\nIt was discovered that the KVM hypervisor implementation in the Linux \nkernel did not properly handle ioctl requests to get emulated CPUID \nfeatures. An attacker with access to /dev/kvm could use this to cause a \ndenial of service (system crash). (CVE-2019-19332)\n\nIt was discovered that the ext4 file system implementation in the Linux \nkernel did not properly handle certain conditions. An attacker could use \nthis to specially craft an ext4 file system that, when mounted, could cause \na denial of service (system crash) or possibly execute arbitrary code. \n(CVE-2019-19767)\n\nGao Chuan discovered that the SAS Class driver in the Linux kernel \ncontained a race condition that could lead to a NULL pointer dereference. A \nlocal attacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2019-19965)\n\nIt was discovered that the Datagram Congestion Control Protocol (DCCP) \nimplementation in the Linux kernel did not properly deallocate memory in \ncertain error conditions. An attacker could possibly use this to cause a \ndenial of service (kernel memory exhaustion). (CVE-2019-20096)\n\nMitchell Frank discovered that the Wi-Fi implementation in the Linux kernel \nwhen used as an access point would send IAPP location updates for stations \nbefore client authentication had completed. A physically proximate attacker \ncould use this to cause a denial of service. (CVE-2019-5108)\n\nIt was discovered that a race condition can lead to a use-after-free while \ndestroying GEM contexts in the i915 driver for the Linux kernel. A local \nattacker could use this to cause a denial of service (system crash) or \npossibly execute arbitrary code. (CVE-2020-7053)\n\nIt was discovered that the B2C2 FlexCop USB device driver in the Linux \nkernel did not properly validate device metadata. A physically proximate \nattacker could use this to cause a denial of service (system crash). \n(CVE-2019-15291)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-18T00:00:00", "type": "ubuntu", "title": "Linux kernel (Azure) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14615", "CVE-2019-15099", "CVE-2019-15291", "CVE-2019-16229", "CVE-2019-16232", "CVE-2019-18683", "CVE-2019-18786", "CVE-2019-18809", "CVE-2019-18885", "CVE-2019-19057", "CVE-2019-19062", "CVE-2019-19063", "CVE-2019-19071", "CVE-2019-19078", "CVE-2019-19082", "CVE-2019-19227", "CVE-2019-19332", "CVE-2019-19767", "CVE-2019-19965", "CVE-2019-20096", "CVE-2019-5108", "CVE-2020-7053"], "modified": "2020-02-18T00:00:00", "id": "USN-4287-2", "href": "https://ubuntu.com/security/notices/USN-4287-2", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T15:47:08", "description": "## Releases\n\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * linux-aws \\- Linux kernel for Amazon Web Services (AWS) systems\n * linux-lts-xenial \\- Linux hardware enablement kernel from Xenial for Trusty\n\nUSN-4254-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 \nLTS. This update provides the corresponding updates for the Linux \nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu \n14.04 ESM.\n\nIt was discovered that the Linux kernel did not properly clear data \nstructures on context switches for certain Intel graphics processors. A \nlocal attacker could use this to expose sensitive information. \n(CVE-2019-14615)\n\nIt was discovered that a race condition existed in the Virtual Video Test \nDriver in the Linux kernel. An attacker with write access to /dev/video0 on \na system with the vivid module loaded could possibly use this to gain \nadministrative privileges. (CVE-2019-18683)\n\nIt was discovered that the btrfs file system in the Linux kernel did not \nproperly validate metadata, leading to a NULL pointer dereference. An \nattacker could use this to specially craft a file system image that, when \nmounted, could cause a denial of service (system crash). (CVE-2019-18885)\n\nIt was discovered that multiple memory leaks existed in the Marvell WiFi-Ex \nDriver for the Linux kernel. A local attacker could possibly use this to \ncause a denial of service (kernel memory exhaustion). (CVE-2019-19057)\n\nIt was discovered that the crypto subsystem in the Linux kernel did not \nproperly deallocate memory in certain error conditions. A local attacker \ncould use this to cause a denial of service (kernel memory exhaustion). \n(CVE-2019-19062)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the Linux \nkernel did not properly deallocate memory in certain error conditions. A \nlocal attacker could possibly use this to cause a denial of service (kernel \nmemory exhaustion). (CVE-2019-19063)\n\nDan Carpenter discovered that the AppleTalk networking subsystem of the \nLinux kernel did not properly handle certain error conditions, leading to a \nNULL pointer dereference. A local attacker could use this to cause a denial \nof service (system crash). (CVE-2019-19227)\n\nIt was discovered that the KVM hypervisor implementation in the Linux \nkernel did not properly handle ioctl requests to get emulated CPUID \nfeatures. An attacker with access to /dev/kvm could use this to cause a \ndenial of service (system crash). (CVE-2019-19332)\n\nIt was discovered that the B2C2 FlexCop USB device driver in the Linux \nkernel did not properly validate device metadata. A physically proximate \nattacker could use this to cause a denial of service (system crash). \n(CVE-2019-15291)\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-29T00:00:00", "type": "ubuntu", "title": "Linux kernel (Xenial HWE) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14615", "CVE-2019-15291", "CVE-2019-18683", "CVE-2019-18885", "CVE-2019-19057", "CVE-2019-19062", "CVE-2019-19063", "CVE-2019-19227", "CVE-2019-19332"], "modified": "2020-01-29T00:00:00", "id": "USN-4254-2", "href": "https://ubuntu.com/security/notices/USN-4254-2", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-10T15:47:14", "description": "## Releases\n\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * linux \\- Linux kernel\n * linux-aws \\- Linux kernel for Amazon Web Services (AWS) systems\n * linux-kvm \\- Linux kernel for cloud environments\n * linux-raspi2 \\- Linux kernel for Raspberry Pi 2\n * linux-snapdragon \\- Linux kernel for Snapdragon processors\n\nIt was discovered that the Linux kernel did not properly clear data \nstructures on context switches for certain Intel graphics processors. A \nlocal attacker could use this to expose sensitive information. \n(CVE-2019-14615)\n\nIt was discovered that a race condition existed in the Virtual Video Test \nDriver in the Linux kernel. An attacker with write access to /dev/video0 on \na system with the vivid module loaded could possibly use this to gain \nadministrative privileges. (CVE-2019-18683)\n\nIt was discovered that the btrfs file system in the Linux kernel did not \nproperly validate metadata, leading to a NULL pointer dereference. An \nattacker could use this to specially craft a file system image that, when \nmounted, could cause a denial of service (system crash). (CVE-2019-18885)\n\nIt was discovered that multiple memory leaks existed in the Marvell WiFi-Ex \nDriver for the Linux kernel. A local attacker could possibly use this to \ncause a denial of service (kernel memory exhaustion). (CVE-2019-19057)\n\nIt was discovered that the crypto subsystem in the Linux kernel did not \nproperly deallocate memory in certain error conditions. A local attacker \ncould use this to cause a denial of service (kernel memory exhaustion). \n(CVE-2019-19062)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the Linux \nkernel did not properly deallocate memory in certain error conditions. A \nlocal attacker could possibly use this to cause a denial of service (kernel \nmemory exhaustion). (CVE-2019-19063)\n\nDan Carpenter discovered that the AppleTalk networking subsystem of the \nLinux kernel did not properly handle certain error conditions, leading to a \nNULL pointer dereference. A local attacker could use this to cause a denial \nof service (system crash). (CVE-2019-19227)\n\nIt was discovered that the KVM hypervisor implementation in the Linux \nkernel did not properly handle ioctl requests to get emulated CPUID \nfeatures. An attacker with access to /dev/kvm could use this to cause a \ndenial of service (system crash). (CVE-2019-19332)\n\nIt was discovered that the B2C2 FlexCop USB device driver in the Linux \nkernel did not properly validate device metadata. A physically proximate \nattacker could use this to cause a denial of service (system crash). \n(CVE-2019-15291)\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-28T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14615", "CVE-2019-15291", "CVE-2019-18683", "CVE-2019-18885", "CVE-2019-19057", "CVE-2019-19062", "CVE-2019-19063", "CVE-2019-19227", "CVE-2019-19332"], "modified": "2020-01-28T00:00:00", "id": "USN-4254-1", "href": "https://ubuntu.com/security/notices/USN-4254-1", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-10T19:24:44", "description": "## Releases\n\n * Ubuntu 18.04 ESM\n\n## Packages\n\n * linux-aws-5.0 \\- Linux kernel for Amazon Web Services (AWS) systems\n * linux-azure \\- Linux kernel for Microsoft Azure Cloud systems\n * linux-gcp \\- Linux kernel for Google Cloud Platform (GCP) systems\n * linux-gke-5.0 \\- Linux kernel for Google Container Engine (GKE) systems\n * linux-oracle-5.0 \\- Linux kernel for Oracle Cloud systems\n\nIt was discovered that the Linux kernel did not properly clear data \nstructures on context switches for certain Intel graphics processors. A \nlocal attacker could use this to expose sensitive information. \n(CVE-2019-14615)\n\nIt was discovered that the HSA Linux kernel driver for AMD GPU devices did \nnot properly check for errors in certain situations, leading to a NULL \npointer dereference. A local attacker could possibly use this to cause a \ndenial of service. (CVE-2019-16229)\n\nIt was discovered that the Marvell 8xxx Libertas WLAN device driver in the \nLinux kernel did not properly check for errors in certain situations, \nleading to a NULL pointer dereference. A local attacker could possibly use \nthis to cause a denial of service. (CVE-2019-16232)\n\nIt was discovered that the Renesas Digital Radio Interface (DRIF) driver in \nthe Linux kernel did not properly initialize data. A local attacker could \npossibly use this to expose sensitive information (kernel memory). \n(CVE-2019-18786).\n\nIt was discovered that the Afatech AF9005 DVB-T USB device driver in the \nLinux kernel did not properly deallocate memory in certain error \nconditions. A local attacker could possibly use this to cause a denial of \nservice (kernel memory exhaustion). (CVE-2019-18809)\n\nIt was discovered that multiple memory leaks existed in the Marvell WiFi-Ex \nDriver for the Linux kernel. A local attacker could possibly use this to \ncause a denial of service (kernel memory exhaustion). (CVE-2019-19057)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the Linux \nkernel did not properly deallocate memory in certain error conditions. A \nlocal attacker could possibly use this to cause a denial of service (kernel \nmemory exhaustion). (CVE-2019-19063)\n\nIt was discovered that the Kvaser CAN/USB driver in the Linux kernel did \nnot properly initialize memory in certain situations. A local attacker \ncould possibly use this to expose sensitive information (kernel memory). \n(CVE-2019-19947)\n\nGao Chuan discovered that the SAS Class driver in the Linux kernel \ncontained a race condition that could lead to a NULL pointer dereference. A \nlocal attacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2019-19965)\n\nIt was discovered that the Datagram Congestion Control Protocol (DCCP) \nimplementation in the Linux kernel did not properly deallocate memory in \ncertain error conditions. An attacker could possibly use this to cause a \ndenial of service (kernel memory exhaustion). (CVE-2019-20096)\n\nMitchell Frank discovered that the Wi-Fi implementation in the Linux kernel \nwhen used as an access point would send IAPP location updates for stations \nbefore client authentication had completed. A physically proximate attacker \ncould use this to cause a denial of service. (CVE-2019-5108)\n\nIt was discovered that a race condition can lead to a use-after-free while \ndestroying GEM contexts in the i915 driver for the Linux kernel. A local \nattacker could use this to cause a denial of service (system crash) or \npossibly execute arbitrary code. (CVE-2020-7053)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-18T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14615", "CVE-2019-16229", "CVE-2019-16232", "CVE-2019-18786", "CVE-2019-18809", "CVE-2019-19057", "CVE-2019-19063", "CVE-2019-19947", "CVE-2019-19965", "CVE-2019-20096", "CVE-2019-5108", "CVE-2020-7053"], "modified": "2020-02-18T00:00:00", "id": "USN-4285-1", "href": "https://ubuntu.com/security/notices/USN-4285-1", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T15:47:08", "description": "## Releases\n\n * Ubuntu 18.04 ESM\n\n## Packages\n\n * linux-aws-5.0 \\- Linux kernel for Amazon Web Services (AWS) systems\n * linux-gcp \\- Linux kernel for Google Cloud Platform (GCP) systems\n * linux-gke-5.0 \\- Linux kernel for Google Container Engine (GKE) systems\n * linux-oracle-5.0 \\- Linux kernel for Oracle Cloud systems\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in \nthe Linux kernel did not properly validate device metadata. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2019-15099)\n\nIt was discovered that a race condition existed in the Virtual Video Test \nDriver in the Linux kernel. An attacker with write access to /dev/video0 on \na system with the vivid module loaded could possibly use this to gain \nadministrative privileges. (CVE-2019-18683)\n\nIt was discovered that the btrfs file system in the Linux kernel did not \nproperly validate metadata, leading to a NULL pointer dereference. An \nattacker could use this to specially craft a file system image that, when \nmounted, could cause a denial of service (system crash). (CVE-2019-18885)\n\nIt was discovered that the crypto subsystem in the Linux kernel did not \nproperly deallocate memory in certain error conditions. A local attacker \ncould use this to cause a denial of service (kernel memory exhaustion). \n(CVE-2019-19050, CVE-2019-19062)\n\nIt was discovered that the RSI 91x WLAN device driver in the Linux kernel \ndid not properly deallocate memory in certain error conditions. A local \nattacker could use this to cause a denial of service (kernel memory \nexhaustion). (CVE-2019-19071)\n\nIt was discovered that the Broadcom Netxtreme HCA device driver in the \nLinux kernel did not properly deallocate memory in certain error \nconditions. A local attacker could possibly use this to cause a denial of \nservice (kernel memory exhaustion). (CVE-2019-19077)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in \nthe Linux kernel did not properly deallocate memory in certain error \nconditions. A local attacker could possibly use this to cause a denial of \nservice (kernel memory exhaustion). (CVE-2019-19078)\n\nIt was discovered that the Qualcomm IPC Router TUN device driver in the \nLinux kernel did not properly deallocate memory in certain situations. A \nlocal attacker could possibly use this to cause a denial of service (kernel \nmemory exhaustion). (CVE-2019-19079)\n\nIt was discovered that the AMD GPU device drivers in the Linux kernel did \nnot properly deallocate memory in certain error conditions. A local \nattacker could use this to possibly cause a denial of service (kernel \nmemory exhaustion). (CVE-2019-19082)\n\nDan Carpenter discovered that the AppleTalk networking subsystem of the \nLinux kernel did not properly handle certain error conditions, leading to a \nNULL pointer dereference. A local attacker could use this to cause a denial \nof service (system crash). (CVE-2019-19227)\n\nOr Cohen discovered that the virtual console subsystem in the Linux kernel \ndid not properly restrict writes to unimplemented vcsu (unicode) devices. A \nlocal attacker could possibly use this to cause a denial of service (system \ncrash) or have other unspecified impacts. (CVE-2019-19252)\n\nIt was discovered that the KVM hypervisor implementation in the Linux \nkernel did not properly handle ioctl requests to get emulated CPUID \nfeatures. An attacker with access to /dev/kvm could use this to cause a \ndenial of service (system crash). (CVE-2019-19332)\n\nIt was discovered that the ext4 file system implementation in the Linux \nkernel did not properly handle certain conditions. An attacker could use \nthis to specially craft an ext4 file system that, when mounted, could cause \na denial of service (system crash) or possibly execute arbitrary code. \n(CVE-2019-19767)\n\nIt was discovered that the B2C2 FlexCop USB device driver in the Linux \nkernel did not properly validate device metadata. A physically proximate \nattacker could use this to cause a denial of service (system crash). \n(CVE-2019-15291)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-29T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15099", "CVE-2019-15291", "CVE-2019-18683", "CVE-2019-18885", "CVE-2019-19050", "CVE-2019-19062", "CVE-2019-19071", "CVE-2019-19077", "CVE-2019-19078", "CVE-2019-19079", "CVE-2019-19082", "CVE-2019-19227", "CVE-2019-19252", "CVE-2019-19332", "CVE-2019-19767"], "modified": "2020-01-29T00:00:00", "id": "USN-4258-1", "href": "https://ubuntu.com/security/notices/USN-4258-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T15:46:34", "description": "## Releases\n\n * Ubuntu 19.10 \n * Ubuntu 18.04 ESM\n\n## Packages\n\n * linux \\- Linux kernel\n * linux-aws \\- Linux kernel for Amazon Web Services (AWS) systems\n * linux-azure \\- Linux kernel for Microsoft Azure Cloud systems\n * linux-azure-5.3 \\- Linux kernel for Microsoft Azure Cloud systems\n * linux-gcp \\- Linux kernel for Google Cloud Platform (GCP) systems\n * linux-gcp-5.3 \\- Linux kernel for Google Cloud Platform (GCP) systems\n * linux-hwe \\- Linux hardware enablement (HWE) kernel\n * linux-kvm \\- Linux kernel for cloud environments\n * linux-oracle \\- Linux kernel for Oracle Cloud systems\n * linux-raspi2 \\- Linux kernel for Raspberry Pi 2\n * linux-raspi2-5.3 \\- Linux kernel for Raspberry Pi 2\n\nIt was discovered that the Linux kernel did not properly clear data \nstructures on context switches for certain Intel graphics processors. A \nlocal attacker could use this to expose sensitive information. \n(CVE-2019-14615)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in \nthe Linux kernel did not properly validate device metadata. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2019-15099)\n\nIt was discovered that the HSA Linux kernel driver for AMD GPU devices did \nnot properly check for errors in certain situations, leading to a NULL \npointer dereference. A local attacker could possibly use this to cause a \ndenial of service. (CVE-2019-16229)\n\nIt was discovered that the Marvell 8xxx Libertas WLAN device driver in the \nLinux kernel did not properly check for errors in certain situations, \nleading to a NULL pointer dereference. A local attacker could possibly use \nthis to cause a denial of service. (CVE-2019-16232)\n\nIt was discovered that a race condition existed in the Virtual Video Test \nDriver in the Linux kernel. An attacker with write access to /dev/video0 on \na system with the vivid module loaded could possibly use this to gain \nadministrative privileges. (CVE-2019-18683)\n\nIt was discovered that the Renesas Digital Radio Interface (DRIF) driver in \nthe Linux kernel did not properly initialize data. A local attacker could \npossibly use this to expose sensitive information (kernel memory). \n(CVE-2019-18786)\n\nIt was discovered that the Sound Open Firmware (SOF) driver in the Linux \nkernel did not properly deallocate memory in certain error conditions. A \nlocal attacker could use this to cause a denial of service (kernel memory \nexhaustion). (CVE-2019-18811)\n\nIt was discovered that the crypto subsystem in the Linux kernel did not \nproperly deallocate memory in certain error conditions. A local attacker \ncould use this to cause a denial of service (kernel memory exhaustion). \n(CVE-2019-19050, CVE-2019-19062)\n\nIt was discovered that multiple memory leaks existed in the Marvell WiFi-Ex \nDriver for the Linux kernel. A local attacker could possibly use this to \ncause a denial of service (kernel memory exhaustion). (CVE-2019-19057)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the Linux \nkernel did not properly deallocate memory in certain error conditions. A \nlocal attacker could possibly use this to cause a denial of service (kernel \nmemory exhaustion). (CVE-2019-19063)\n\nIt was discovered that the RSI 91x WLAN device driver in the Linux kernel \ndid not properly deallocate memory in certain error conditions. A local \nattacker could use this to cause a denial of service (kernel memory \nexhaustion). (CVE-2019-19071)\n\nIt was discovered that the Broadcom Netxtreme HCA device driver in the \nLinux kernel did not properly deallocate memory in certain error \nconditions. A local attacker could possibly use this to cause a denial of \nservice (kernel memory exhaustion). (CVE-2019-19077)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in \nthe Linux kernel did not properly deallocate memory in certain error \nconditions. A local attacker could possibly use this to cause a denial of \nservice (kernel memory exhaustion). (CVE-2019-19078)\n\nIt was discovered that the AMD GPU device drivers in the Linux kernel did \nnot properly deallocate memory in certain error conditions. A local \nattacker could use this to possibly cause a denial of service (kernel \nmemory exhaustion). (CVE-2019-19082)\n\nIt was discovered that the IO uring implementation in the Linux kernel did \nnot properly perform credentials checks in certain situations. A local \nattacker could possibly use this to gain administrative privileges. \n(CVE-2019-19241)\n\nOr Cohen discovered that the virtual console subsystem in the Linux kernel \ndid not properly restrict writes to unimplemented vcsu (unicode) devices. A \nlocal attacker could possibly use this to cause a denial of service (system \ncrash) or have other unspecified impacts. (CVE-2019-19252)\n\nIt was discovered that the KVM hypervisor implementation in the Linux \nkernel did not properly handle ioctl requests to get emulated CPUID \nfeatures. An attacker with access to /dev/kvm could use this to cause a \ndenial of service (system crash). (CVE-2019-19332)\n\nIt was discovered that a race condition existed in the Linux kernel on x86 \nplatforms when keeping track of which process was assigned control of the \nFPU. A local attacker could use this to cause a denial of service (memory \ncorruption) or possibly gain administrative privileges. (CVE-2019-19602)\n\nIt was discovered that the ext4 file system implementation in the Linux \nkernel did not properly handle certain conditions. An attacker could use \nthis to specially craft an ext4 file system that, when mounted, could cause \na denial of service (system crash) or possibly execute arbitrary code. \n(CVE-2019-19767)\n\nIt was discovered that the Kvaser CAN/USB driver in the Linux kernel did \nnot properly initialize memory in certain situations. A local attacker \ncould possibly use this to expose sensitive information (kernel memory). \n(CVE-2019-19947)\n\nGao Chuan discovered that the SAS Class driver in the Linux kernel \ncontained a race condition that could lead to a NULL pointer dereference. A \nlocal attacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2019-19965)\n\nIt was discovered that the B2C2 FlexCop USB device driver in the Linux \nkernel did not properly validate device metadata. A physically proximate \nattacker could use this to cause a denial of service (system crash). \n(CVE-2019-15291)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-19T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14615", "CVE-2019-15099", "CVE-2019-15291", "CVE-2019-16229", "CVE-2019-16232", "CVE-2019-18683", "CVE-2019-18786", "CVE-2019-18811", "CVE-2019-19050", "CVE-2019-19057", "CVE-2019-19062", "CVE-2019-19063", "CVE-2019-19071", "CVE-2019-19077", "CVE-2019-19078", "CVE-2019-19082", "CVE-2019-19241", "CVE-2019-19252", "CVE-2019-19332", "CVE-2019-19602", "CVE-2019-19767", "CVE-2019-19947", "CVE-2019-19965"], "modified": "2020-02-19T00:00:00", "id": "USN-4284-1", "href": "https://ubuntu.com/security/notices/USN-4284-1", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T15:47:11", "description": "## Releases\n\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * linux-aws-hwe \\- Linux kernel for Amazon Web Services (AWS-HWE) systems\n * linux-hwe \\- Linux hardware enablement (HWE) kernel\n\nUSN-4255-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 \nLTS. This update provides the corresponding updates for the Linux \nHardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu \n16.04 LTS.\n\nIt was discovered that the Linux kernel did not properly clear data \nstructures on context switches for certain Intel graphics processors. A \nlocal attacker could use this to expose sensitive information. \n(CVE-2019-14615)\n\nIt was discovered that a race condition can lead to a use-after-free while \ndestroying GEM contexts in the i915 driver for the Linux kernel. A local \nattacker could use this to cause a denial of service (system crash) or \npossibly execute arbitrary code. (CVE-2020-7053)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-28T00:00:00", "type": "ubuntu", "title": "Linux kernel (HWE) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14615", "CVE-2020-7053"], "modified": "2020-01-28T00:00:00", "id": "USN-4255-2", "href": "https://ubuntu.com/security/notices/USN-4255-2", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-10T15:47:15", "description": "## Releases\n\n * Ubuntu 18.04 ESM\n\n## Packages\n\n * linux \\- Linux kernel\n * linux-aws \\- Linux kernel for Amazon Web Services (AWS) systems\n * linux-oem \\- Linux kernel for OEM processors\n\nIt was discovered that the Linux kernel did not properly clear data \nstructures on context switches for certain Intel graphics processors. A \nlocal attacker could use this to expose sensitive information. \n(CVE-2019-14615)\n\nIt was discovered that a race condition can lead to a use-after-free while \ndestroying GEM contexts in the i915 driver for the Linux kernel. A local \nattacker could use this to cause a denial of service (system crash) or \npossibly execute arbitrary code. (CVE-2020-7053)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-28T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14615", "CVE-2020-7053"], "modified": "2020-01-28T00:00:00", "id": "USN-4255-1", "href": "https://ubuntu.com/security/notices/USN-4255-1", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-10T19:24:44", "description": "## Releases\n\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * linux-aws \\- Linux kernel for Amazon Web Services (AWS) systems\n * linux-lts-xenial \\- Linux hardware enablement kernel from Xenial for Trusty\n\nUSN-4286-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 \nLTS. This update provides the corresponding updates for the Linux \nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu \n14.04 ESM.\n\nIt was discovered that the Linux kernel did not properly clear data \nstructures on context switches for certain Intel graphics processors. A \nlocal attacker could use this to expose sensitive information. \n(CVE-2019-14615)\n\nIt was discovered that a race condition existed in the Softmac USB Prism54 \ndevice driver in the Linux kernel. A physically proximate attacker could \nuse this to cause a denial of service (system crash). (CVE-2019-15220)\n\nJulien Grall discovered that the Xen balloon memory driver in the Linux \nkernel did not properly restrict the amount of memory set aside for page \nmappings in some situations. An attacker could use this to cause a denial \nof service (kernel memory exhaustion). (CVE-2019-17351)\n\nIt was discovered that the Intel WiMAX 2400 driver in the Linux kernel did \nnot properly deallocate memory in certain situations. A local attacker \ncould use this to cause a denial of service (kernel memory exhaustion). \n(CVE-2019-19051)\n\nIt was discovered that the Marvell Wi-Fi device driver in the Linux kernel \ndid not properly deallocate memory in certain error conditions. A local \nattacker could use this to possibly cause a denial of service (kernel \nmemory exhaustion). (CVE-2019-19056)\n\nIt was discovered that the Brocade BFA Fibre Channel device driver in the \nLinux kernel did not properly deallocate memory in certain error \nconditions. A local attacker could possibly use this to cause a denial of \nservice (kernel memory exhaustion). (CVE-2019-19066)\n\nIt was discovered that the Realtek RTL8xxx USB Wi-Fi device driver in the \nLinux kernel did not properly deallocate memory in certain error \nconditions. A local attacker could possibly use this to cause a denial of \nservice (kernel memory exhaustion). (CVE-2019-19068)\n\nGao Chuan discovered that the SAS Class driver in the Linux kernel \ncontained a race condition that could lead to a NULL pointer dereference. A \nlocal attacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2019-19965)\n\nIt was discovered that the Datagram Congestion Control Protocol (DCCP) \nimplementation in the Linux kernel did not properly deallocate memory in \ncertain error conditions. An attacker could possibly use this to cause a \ndenial of service (kernel memory exhaustion). (CVE-2019-20096)\n\nMitchell Frank discovered that the Wi-Fi implementation in the Linux kernel \nwhen used as an access point would send IAPP location updates for stations \nbefore client authentication had completed. A physically proximate attacker \ncould use this to cause a denial of service. (CVE-2019-5108)\n\nIt was discovered that ZR364XX Camera USB device driver for the Linux \nkernel did not properly initialize memory. A physically proximate attacker \ncould use this to cause a denial of service (system crash). \n(CVE-2019-15217)\n\nIt was discovered that the Line 6 POD USB device driver in the Linux kernel \ndid not properly validate data size information from the device. A \nphysically proximate attacker could use this to cause a denial of service \n(system crash). (CVE-2019-15221)\n", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2020-02-18T00:00:00", "type": "ubuntu", "title": "Linux kernel (Xenial HWE) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14615", "CVE-2019-15217", "CVE-2019-15220", "CVE-2019-15221", "CVE-2019-17351", "CVE-2019-19051", "CVE-2019-19056", "CVE-2019-19066", "CVE-2019-19068", "CVE-2019-19965", "CVE-2019-20096", "CVE-2019-5108"], "modified": "2020-02-18T00:00:00", "id": "USN-4286-2", "href": "https://ubuntu.com/security/notices/USN-4286-2", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T19:24:43", "description": "## Releases\n\n * Ubuntu 16.04 ESM\n\n## Packages\n\n * linux \\- Linux kernel\n * linux-aws \\- Linux kernel for Amazon Web Services (AWS) systems\n * linux-kvm \\- Linux kernel for cloud environments\n * linux-raspi2 \\- Linux kernel for Raspberry Pi 2\n * linux-snapdragon \\- Linux kernel for Snapdragon processors\n\nIt was discovered that the Linux kernel did not properly clear data \nstructures on context switches for certain Intel graphics processors. A \nlocal attacker could use this to expose sensitive information. \n(CVE-2019-14615)\n\nIt was discovered that a race condition existed in the Softmac USB Prism54 \ndevice driver in the Linux kernel. A physically proximate attacker could \nuse this to cause a denial of service (system crash). (CVE-2019-15220)\n\nJulien Grall discovered that the Xen balloon memory driver in the Linux \nkernel did not properly restrict the amount of memory set aside for page \nmappings in some situations. An attacker could use this to cause a denial \nof service (kernel memory exhaustion). (CVE-2019-17351)\n\nIt was discovered that the Intel WiMAX 2400 driver in the Linux kernel did \nnot properly deallocate memory in certain situations. A local attacker \ncould use this to cause a denial of service (kernel memory exhaustion). \n(CVE-2019-19051)\n\nIt was discovered that the Marvell Wi-Fi device driver in the Linux kernel \ndid not properly deallocate memory in certain error conditions. A local \nattacker could use this to possibly cause a denial of service (kernel \nmemory exhaustion). (CVE-2019-19056)\n\nIt was discovered that the Brocade BFA Fibre Channel device driver in the \nLinux kernel did not properly deallocate memory in certain error \nconditions. A local attacker could possibly use this to cause a denial of \nservice (kernel memory exhaustion). (CVE-2019-19066)\n\nIt was discovered that the Realtek RTL8xxx USB Wi-Fi device driver in the \nLinux kernel did not properly deallocate memory in certain error \nconditions. A local attacker could possibly use this to cause a denial of \nservice (kernel memory exhaustion). (CVE-2019-19068)\n\nGao Chuan discovered that the SAS Class driver in the Linux kernel \ncontained a race condition that could lead to a NULL pointer dereference. A \nlocal attacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2019-19965)\n\nIt was discovered that the Datagram Congestion Control Protocol (DCCP) \nimplementation in the Linux kernel did not properly deallocate memory in \ncertain error conditions. An attacker could possibly use this to cause a \ndenial of service (kernel memory exhaustion). (CVE-2019-20096)\n\nMitchell Frank discovered that the Wi-Fi implementation in the Linux kernel \nwhen used as an access point would send IAPP location updates for stations \nbefore client authentication had completed. A physically proximate attacker \ncould use this to cause a denial of service. (CVE-2019-5108)\n\nIt was discovered that ZR364XX Camera USB device driver for the Linux \nkernel did not properly initialize memory. A physically proximate attacker \ncould use this to cause a denial of service (system crash). \n(CVE-2019-15217)\n\nIt was discovered that the Line 6 POD USB device driver in the Linux kernel \ndid not properly validate data size information from the device. A \nphysically proximate attacker could use this to cause a denial of service \n(system crash). (CVE-2019-15221)\n", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2020-02-18T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14615", "CVE-2019-15217", "CVE-2019-15220", "CVE-2019-15221", "CVE-2019-17351", "CVE-2019-19051", "CVE-2019-19056", "CVE-2019-19066", "CVE-2019-19068", "CVE-2019-19965", "CVE-2019-20096", "CVE-2019-5108"], "modified": "2020-02-18T00:00:00", "id": "USN-4286-1", "href": "https://ubuntu.com/security/notices/USN-4286-1", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T15:47:19", "description": "## Releases\n\n * Ubuntu 19.10 \n\n## Packages\n\n * linux \\- Linux kernel\n * linux-aws \\- Linux kernel for Amazon Web Services (AWS) systems\n\nIt was discovered that the Linux kernel did not properly clear data \nstructures on context switches for certain Intel graphics processors. A \nlocal attacker could use this to expose sensitive information.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2020-01-28T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14615"], "modified": "2020-01-28T00:00:00", "id": "USN-4253-1", "href": "https://ubuntu.com/security/notices/USN-4253-1", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-10T15:47:14", "description": "## Releases\n\n * Ubuntu 18.04 ESM\n\n## Packages\n\n * linux-hwe \\- Linux hardware enablement (HWE) kernel\n\nUSN-4253-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10. \nThis update provides the corresponding updates for the Linux \nHardware Enablement (HWE) kernel from Ubuntu 19.10 for Ubuntu \n18.04 LTS.\n\nIt was discovered that the Linux kernel did not properly clear data \nstructures on context switches for certain Intel graphics processors. A \nlocal attacker could use this to expose sensitive information.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2020-01-28T00:00:00", "type": "ubuntu", "title": "Linux kernel (HWE) vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14615"], "modified": "2020-01-28T00:00:00", "id": "USN-4253-2", "href": "https://ubuntu.com/security/notices/USN-4253-2", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}], "openvas": [{"lastseen": "2020-02-20T22:51:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-02-19T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4287-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-5108", "CVE-2019-16229", "CVE-2019-19767", "CVE-2019-18683", "CVE-2019-18809", "CVE-2019-19057", "CVE-2019-19332", "CVE-2019-19062", "CVE-2019-19082", "CVE-2019-19965", "CVE-2019-19078", "CVE-2019-15099", "CVE-2019-14615", "CVE-2019-19227", "CVE-2019-19063", "CVE-2019-18885", "CVE-2019-19071", "CVE-2020-7053", "CVE-2019-16232", "CVE-2019-18786", "CVE-2019-15291", "CVE-2019-20096"], "modified": "2020-02-20T00:00:00", "id": "OPENVAS:1361412562310844347", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844347", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844347\");\n script_version(\"2020-02-20T11:12:08+0000\");\n script_cve_id(\"CVE-2019-14615\", \"CVE-2019-15099\", \"CVE-2019-16229\", \"CVE-2019-16232\", \"CVE-2019-18683\", \"CVE-2019-18786\", \"CVE-2019-18809\", \"CVE-2019-18885\", \"CVE-2019-19057\", \"CVE-2019-19062\", \"CVE-2019-19063\", \"CVE-2019-19071\", \"CVE-2019-19078\", \"CVE-2019-19082\", \"CVE-2019-19227\", \"CVE-2019-19332\", \"CVE-2019-19767\", \"CVE-2019-19965\", \"CVE-2019-20096\", \"CVE-2019-5108\", \"CVE-2020-7053\", \"CVE-2019-15291\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-20 11:12:08 +0000 (Thu, 20 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-19 04:01:16 +0000 (Wed, 19 Feb 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4287-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4287-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-February/005337.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4287-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors. A\nlocal attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in\nthe Linux kernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2019-15099)\n\nIt was discovered that the HSA Linux kernel driver for AMD GPU devices did\nnot properly check for errors in certain situations, leading to a NULL\npointer dereference. A local attacker could possibly use this to cause a\ndenial of service. (CVE-2019-16229)\n\nIt was discovered that the Marvell 8xxx Libertas WLAN device driver in the\nLinux kernel did not properly check for errors in certain situations,\nleading to a NULL pointer dereference. A local attacker could possibly use\nthis to cause a denial of service. (CVE-2019-16232)\n\nIt was discovered that a race condition existed in the Virtual Video Test\nDriver in the Linux kernel. An attacker with write access to /dev/video0 on\na system with the vivid module loaded could possibly use this to gain\nadministrative privileges. (CVE-2019-18683)\n\nIt was discovered that the Renesas Digital Radio Interface (DRIF) driver in\nthe Linux kernel did not properly initialize data. A local attacker could\npossibly use this to expose sensitive information (kernel memory).\n(CVE-2019-18786)\n\nIt was discovered that the Afatech AF9005 DVB-T USB device driver in the\nLinux kernel did not properly deallocate memory in certain error\nconditions. A local attacker could possibly use this to cause a denial of\nservice (kernel memory exhaustion). (CVE-2019-18809)\n\nIt was discovered that the btrfs file system in the Linux kernel did not\nproperly validate metadata, leading to a NULL pointer dereference. An\nattacker could use this to specially craft a file system image that, when\nmounted, could cause a denial of service (system crash). (CVE-2019-18885)\n\nIt was discovered that multiple memory leaks existed in the Marvell WiFi-Ex\nDriver for the Linux kernel. A local attacker could possibly use this to\ncause a denial of service (kernel memory exhaustion). (CVE-2019-19057)\n\nIt was discovered that the crypto subsystem in the Linux kernel did not\nproperly deallocate memory in certain error conditions. A local attacker\ncould use this to cause a denial of service (kernel memory exhaustion).\n(CVE-2019-19062)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the Linux\nkernel did not properly deallocate me ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1033-oracle\", ver:\"4.15.0-1033.36\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1052-gke\", ver:\"4.15.0-1052.55\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1053-kvm\", ver:\"4.15.0-1053.53\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1055-raspi2\", ver:\"4.15.0-1055.59\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1060-aws\", ver:\"4.15.0-1060.62\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1072-snapdragon\", ver:\"4.15.0-1072.79\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-88-generic\", ver:\"4.15.0-88.88\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-88-generic-lpae\", ver:\"4.15.0-88.88\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-88-lowlatency\", ver:\"4.15.0-88.88\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.15.0.1060.61\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-lts-18.04\", ver:\"4.15.0.1060.61\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.15.0.88.80\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.15.0.88.80\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1052.56\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-4.15\", ver:\"4.15.0.1052.56\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"4.15.0.1053.53\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.15.0.88.80\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"4.15.0.1033.38\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle-lts-18.04\", ver:\"4.15.0.1033.38\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.15.0.88.80\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.15.0.88.80\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.15.0.88.80\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.15.0.88.80\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.15.0.1055.53\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.15.0.1072.75\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.15.0.88.80\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1033-oracle\", ver:\"4.15.0-1033.36~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1055-gcp\", ver:\"4.15.0-1055.59\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1060-aws\", ver:\"4.15.0-1060.62~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1071-azure\", ver:\"4.15.0-1071.76\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-88-generic\", ver:\"4.15.0-88.88~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-88-generic-lpae\", ver:\"4.15.0-88.88~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-88-lowlatency\", ver:\"4.15.0-88.88~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-hwe\", ver:\"4.15.0.1060.60\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"4.15.0.1071.74\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"4.15.0.1055.69\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.15.0.88.98\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.15.0.88.98\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1055.69\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.15.0.88.98\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.88.98\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"4.15.0.1033.26\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-16.04\", ver:\"4.15.0.88.98\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-06-10T17:55:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-29T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4254-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-18683", "CVE-2019-19057", "CVE-2019-19332", "CVE-2019-19062", "CVE-2019-14615", "CVE-2019-19227", "CVE-2019-19063", "CVE-2019-18885", "CVE-2019-15291"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310844314", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844314", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844314\");\n script_version(\"2020-06-09T06:40:15+0000\");\n script_cve_id(\"CVE-2019-14615\", \"CVE-2019-18683\", \"CVE-2019-18885\", \"CVE-2019-19057\", \"CVE-2019-19062\", \"CVE-2019-19063\", \"CVE-2019-19227\", \"CVE-2019-19332\", \"CVE-2019-15291\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 06:40:15 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-29 04:00:18 +0000 (Wed, 29 Jan 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4254-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4254-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-January/005296.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4254-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors. A\nlocal attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that a race condition existed in the Virtual Video Test\nDriver in the Linux kernel. An attacker with write access to /dev/video0 on\na system with the vivid module loaded could possibly use this to gain\nadministrative privileges. (CVE-2019-18683)\n\nIt was discovered that the btrfs file system in the Linux kernel did not\nproperly validate metadata, leading to a NULL pointer dereference. An\nattacker could use this to specially craft a file system image that, when\nmounted, could cause a denial of service (system crash). (CVE-2019-18885)\n\nIt was discovered that multiple memory leaks existed in the Marvell WiFi-Ex\nDriver for the Linux kernel. A local attacker could possibly use this to\ncause a denial of service (kernel memory exhaustion). (CVE-2019-19057)\n\nIt was discovered that the crypto subsystem in the Linux kernel did not\nproperly deallocate memory in certain error conditions. A local attacker\ncould use this to cause a denial of service (kernel memory exhaustion).\n(CVE-2019-19062)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the Linux\nkernel did not properly deallocate memory in certain error conditions. A\nlocal attacker could possibly use this to cause a denial of service (kernel\nmemory exhaustion). (CVE-2019-19063)\n\nDan Carpenter discovered that the AppleTalk networking subsystem of the\nLinux kernel did not properly handle certain error conditions, leading to a\nNULL pointer dereference. A local attacker could use this to cause a denial\nof service (system crash). (CVE-2019-19227)\n\nIt was discovered that the KVM hypervisor implementation in the Linux\nkernel did not properly handle ioctl requests to get emulated CPUID\nfeatures. An attacker with access to /dev/kvm could use this to cause a\ndenial of service (system crash). (CVE-2019-19332)\n\nIt was discovered that the B2C2 FlexCop USB device driver in the Linux\nkernel did not properly validate device metadata. A physically proximate\nattacker could use this to cause a denial of service (system crash).\n(CVE-2019-15291)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1065-kvm\", ver:\"4.4.0-1065.72\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1101-aws\", ver:\"4.4.0-1101.112\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1128-raspi2\", ver:\"4.4.0-1128.137\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1132-snapdragon\", ver:\"4.4.0-1132.140\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-173-generic\", ver:\"4.4.0-173.203\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-173-generic-lpae\", ver:\"4.4.0-173.203\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-173-lowlatency\", ver:\"4.4.0-173.203\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-173-powerpc-e500mc\", ver:\"4.4.0-173.203\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-173-powerpc-smp\", ver:\"4.4.0-173.203\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-173-powerpc64-emb\", ver:\"4.4.0-173.203\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-173-powerpc64-smp\", ver:\"4.4.0-173.203\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.4.0.1101.105\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.4.0.173.181\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.4.0.173.181\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"4.4.0.1065.65\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.4.0.173.181\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.4.0.173.181\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.4.0.173.181\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.4.0.173.181\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.4.0.173.181\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.4.0.1128.128\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.4.0.1132.124\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.4.0.173.181\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-10T17:55:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-02-19T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux-aws-5.0 (USN-4285-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-5108", "CVE-2019-16229", "CVE-2019-18809", "CVE-2019-19057", "CVE-2019-19965", "CVE-2019-14615", "CVE-2019-19947", "CVE-2019-19063", "CVE-2020-7053", "CVE-2019-16232", "CVE-2019-18786", "CVE-2019-20096"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310844341", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844341", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844341\");\n script_version(\"2020-06-09T06:40:15+0000\");\n script_cve_id(\"CVE-2019-14615\", \"CVE-2019-16229\", \"CVE-2019-16232\", \"CVE-2019-18786\", \"CVE-2019-18809\", \"CVE-2019-19057\", \"CVE-2019-19063\", \"CVE-2019-19947\", \"CVE-2019-19965\", \"CVE-2019-20096\", \"CVE-2019-5108\", \"CVE-2020-7053\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 06:40:15 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-19 04:00:35 +0000 (Wed, 19 Feb 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux-aws-5.0 (USN-4285-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU18\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4285-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-February/005335.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-aws-5.0'\n package(s) announced via the USN-4285-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors. A\nlocal attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that the HSA Linux kernel driver for AMD GPU devices did\nnot properly check for errors in certain situations, leading to a NULL\npointer dereference. A local attacker could possibly use this to cause a\ndenial of service. (CVE-2019-16229)\n\nIt was discovered that the Marvell 8xxx Libertas WLAN device driver in the\nLinux kernel did not properly check for errors in certain situations,\nleading to a NULL pointer dereference. A local attacker could possibly use\nthis to cause a denial of service. (CVE-2019-16232)\n\nIt was discovered that the Renesas Digital Radio Interface (DRIF) driver in\nthe Linux kernel did not properly initialize data. A local attacker could\npossibly use this to expose sensitive information (kernel memory)\n(CVE-2019-18786).\n\nIt was discovered that the Afatech AF9005 DVB-T USB device driver in the\nLinux kernel did not properly deallocate memory in certain error\nconditions. A local attacker could possibly use this to cause a denial of\nservice (kernel memory exhaustion). (CVE-2019-18809)\n\nIt was discovered that multiple memory leaks existed in the Marvell WiFi-Ex\nDriver for the Linux kernel. A local attacker could possibly use this to\ncause a denial of service (kernel memory exhaustion). (CVE-2019-19057)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the Linux\nkernel did not properly deallocate memory in certain error conditions. A\nlocal attacker could possibly use this to cause a denial of service (kernel\nmemory exhaustion). (CVE-2019-19063)\n\nIt was discovered that the Kvaser CAN/USB driver in the Linux kernel did\nnot properly initialize memory in certain situations. A local attacker\ncould possibly use this to expose sensitive information (kernel memory).\n(CVE-2019-19947)\n\nGao Chuan discovered that the SAS Class driver in the Linux kernel\ncontained a race condition that could lead to a NULL pointer dereference. A\nlocal attacker could possibly use this to cause a denial of service (system\ncrash). (CVE-2019-19965)\n\nIt was discovered that the Datagram Congestion Control Protocol (DCCP)\nimplementation in the Linux kernel did not properly deallocate memory in\ncertain error conditions. An attacker could possibly use this to cause a\ndenial of service (kernel memory exhaustion). (CVE-2019-20096)\n\nMitchell Frank discovered that the Wi-Fi implementation in the Linux kernel\nwhen used as an access point would send IAPP location update ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux-aws-5.0' package(s) on Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1011-oracle\", ver:\"5.0.0-1011.16\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1025-aws\", ver:\"5.0.0-1025.28\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1030-gke\", ver:\"5.0.0-1030.31\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1031-gcp\", ver:\"5.0.0-1031.32\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1032-azure\", ver:\"5.0.0-1032.34\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"5.0.0.1032.43\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"5.0.0.1031.35\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-5.0\", ver:\"5.0.0.1030.18\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-30T16:43:32", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-29T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux-aws-5.0 (USN-4258-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19079", "CVE-2019-19767", "CVE-2019-18683", "CVE-2019-19332", "CVE-2019-19252", "CVE-2019-19062", "CVE-2019-19082", "CVE-2019-19078", "CVE-2019-15099", "CVE-2019-19227", "CVE-2019-18885", "CVE-2019-19050", "CVE-2019-19071", "CVE-2019-19077", "CVE-2019-15291"], "modified": "2020-01-30T00:00:00", "id": "OPENVAS:1361412562310844316", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844316", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844316\");\n script_version(\"2020-01-30T08:15:08+0000\");\n script_cve_id(\"CVE-2019-15099\", \"CVE-2019-18683\", \"CVE-2019-18885\", \"CVE-2019-19050\", \"CVE-2019-19062\", \"CVE-2019-19071\", \"CVE-2019-19077\", \"CVE-2019-19078\", \"CVE-2019-19079\", \"CVE-2019-19082\", \"CVE-2019-19227\", \"CVE-2019-19252\", \"CVE-2019-19332\", \"CVE-2019-19767\", \"CVE-2019-15291\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-30 08:15:08 +0000 (Thu, 30 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-29 04:00:31 +0000 (Wed, 29 Jan 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux-aws-5.0 (USN-4258-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU18\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4258-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-January/005302.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-aws-5.0'\n package(s) announced via the USN-4258-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that the Atheros 802.11ac wireless USB device driver in\nthe Linux kernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2019-15099)\n\nIt was discovered that a race condition existed in the Virtual Video Test\nDriver in the Linux kernel. An attacker with write access to /dev/video0 on\na system with the vivid module loaded could possibly use this to gain\nadministrative privileges. (CVE-2019-18683)\n\nIt was discovered that the btrfs file system in the Linux kernel did not\nproperly validate metadata, leading to a NULL pointer dereference. An\nattacker could use this to specially craft a file system image that, when\nmounted, could cause a denial of service (system crash). (CVE-2019-18885)\n\nIt was discovered that the crypto subsystem in the Linux kernel did not\nproperly deallocate memory in certain error conditions. A local attacker\ncould use this to cause a denial of service (kernel memory exhaustion).\n(CVE-2019-19050, CVE-2019-19062)\n\nIt was discovered that the RSI 91x WLAN device driver in the Linux kernel\ndid not properly deallocate memory in certain error conditions. A local\nattacker could use this to cause a denial of service (kernel memory\nexhaustion). (CVE-2019-19071)\n\nIt was discovered that the Broadcom Netxtreme HCA device driver in the\nLinux kernel did not properly deallocate memory in certain error\nconditions. A local attacker could possibly use this to cause a denial of\nservice (kernel memory exhaustion). (CVE-2019-19077)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in\nthe Linux kernel did not properly deallocate memory in certain error\nconditions. A local attacker could possibly use this to cause a denial of\nservice (kernel memory exhaustion). (CVE-2019-19078)\n\nIt was discovered that the Qualcomm IPC Router TUN device driver in the\nLinux kernel did not properly deallocate memory in certain situations. A\nlocal attacker could possibly use this to cause a denial of service (kernel\nmemory exhaustion). (CVE-2019-19079)\n\nIt was discovered that the AMD GPU device drivers in the Linux kernel did\nnot properly deallocate memory in certain error conditions. A local\nattacker could use this to possibly cause a denial of service (kernel\nmemory exhaustion). (CVE-2019-19082)\n\nDan Carpenter discovered that the AppleTalk networking subsystem of the\nLinux kernel did not properly handle certain error conditions, leading to a\nNULL pointer dereference. A local attacker could use this to cause a denial\nof service (system crash). (CVE-2019-19227)\n\nOr Cohen discovered ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux-aws-5.0' package(s) on Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1010-oracle\", ver:\"5.0.0-1010.15~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1024-aws\", ver:\"5.0.0-1024.27~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1029-gcp\", ver:\"5.0.0-1029.30~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1029-gke\", ver:\"5.0.0-1029.30~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-edge\", ver:\"5.0.0.1024.38\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"5.0.0.1029.33\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-5.0\", ver:\"5.0.0.1029.17\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle-edge\", ver:\"5.0.0.1010.9\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-02-20T22:52:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-02-19T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4284-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19602", "CVE-2019-16229", "CVE-2019-19767", "CVE-2019-18683", "CVE-2019-19057", "CVE-2019-18811", "CVE-2019-19332", "CVE-2019-19252", "CVE-2019-19062", "CVE-2019-19082", "CVE-2019-19965", "CVE-2019-19078", "CVE-2019-15099", "CVE-2019-14615", "CVE-2019-19947", "CVE-2019-19063", "CVE-2019-19050", "CVE-2019-19071", "CVE-2019-19241", "CVE-2019-19077", "CVE-2019-16232", "CVE-2019-18786", "CVE-2019-15291"], "modified": "2020-02-20T00:00:00", "id": "OPENVAS:1361412562310844343", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844343", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844343\");\n script_version(\"2020-02-20T11:12:08+0000\");\n script_cve_id(\"CVE-2019-14615\", \"CVE-2019-15099\", \"CVE-2019-16229\", \"CVE-2019-16232\", \"CVE-2019-18683\", \"CVE-2019-18786\", \"CVE-2019-18811\", \"CVE-2019-19050\", \"CVE-2019-19062\", \"CVE-2019-19057\", \"CVE-2019-19063\", \"CVE-2019-19071\", \"CVE-2019-19077\", \"CVE-2019-19078\", \"CVE-2019-19082\", \"CVE-2019-19241\", \"CVE-2019-19252\", \"CVE-2019-19332\", \"CVE-2019-19602\", \"CVE-2019-19767\", \"CVE-2019-19947\", \"CVE-2019-19965\", \"CVE-2019-15291\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-20 11:12:08 +0000 (Thu, 20 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-19 04:00:55 +0000 (Wed, 19 Feb 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4284-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU19\\.10|UBUNTU18\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4284-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-February/005334.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4284-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors. A\nlocal attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that the Atheros 802.11ac wireless USB device driver in\nthe Linux kernel did not properly validate device metadata. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2019-15099)\n\nIt was discovered that the HSA Linux kernel driver for AMD GPU devices did\nnot properly check for errors in certain situations, leading to a NULL\npointer dereference. A local attacker could possibly use this to cause a\ndenial of service. (CVE-2019-16229)\n\nIt was discovered that the Marvell 8xxx Libertas WLAN device driver in the\nLinux kernel did not properly check for errors in certain situations,\nleading to a NULL pointer dereference. A local attacker could possibly use\nthis to cause a denial of service. (CVE-2019-16232)\n\nIt was discovered that a race condition existed in the Virtual Video Test\nDriver in the Linux kernel. An attacker with write access to /dev/video0 on\na system with the vivid module loaded could possibly use this to gain\nadministrative privileges. (CVE-2019-18683)\n\nIt was discovered that the Renesas Digital Radio Interface (DRIF) driver in\nthe Linux kernel did not properly initialize data. A local attacker could\npossibly use this to expose sensitive information (kernel memory).\n(CVE-2019-18786)\n\nIt was discovered that the Sound Open Firmware (SOF) driver in the Linux\nkernel did not properly deallocate memory in certain error conditions. A\nlocal attacker could use this to cause a denial of service (kernel memory\nexhaustion). (CVE-2019-18811)\n\nIt was discovered that the crypto subsystem in the Linux kernel did not\nproperly deallocate memory in certain error conditions. A local attacker\ncould use this to cause a denial of service (kernel memory exhaustion).\n(CVE-2019-19050, CVE-2019-19062)\n\nIt was discovered that multiple memory leaks existed in the Marvell WiFi-Ex\nDriver for the Linux kernel. A local attacker could possibly use this to\ncause a denial of service (kernel memory exhaustion). (CVE-2019-19057)\n\nIt was discovered that the Realtek rtlwifi USB device driver in the Linux\nkernel did not properly deallocate memory in certain error conditions. A\nlocal attacker could possibly use this to cause a denial of service (kernel\nmemory exhaustion). (CVE-2019-19063)\n\nIt was discovered that the RSI 91x WLAN device driver in the Linux kernel\ndid not properly deallocate memory in certain error conditions. A local ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1009-oracle\", ver:\"5.3.0-1009.10\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1010-kvm\", ver:\"5.3.0-1010.11\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1011-aws\", ver:\"5.3.0-1011.12\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1012-gcp\", ver:\"5.3.0-1012.13\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1018-raspi2\", ver:\"5.3.0-1018.20\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-40-generic\", ver:\"5.3.0-40.32\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-40-generic-lpae\", ver:\"5.3.0-40.32\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-40-lowlatency\", ver:\"5.3.0-40.32\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-40-snapdragon\", ver:\"5.3.0-40.32\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"5.3.0.1011.13\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"5.3.0.1012.13\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"5.3.0.40.34\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"5.3.0.40.34\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"5.3.0.1012.13\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"5.3.0.1010.12\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"5.3.0.40.34\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"5.3.0.1009.10\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"5.3.0.1018.15\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"5.3.0.40.34\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"5.3.0.40.34\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1012-gcp\", ver:\"5.3.0-1012.13~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1013-azure\", ver:\"5.3.0-1013.14~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1018-raspi2\", ver:\"5.3.0-1018.20~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-40-generic\", ver:\"5.3.0-40.32~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-40-generic-lpae\", ver:\"5.3.0-40.32~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-40-lowlatency\", ver:\"5.3.0-40.32~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure-edge\", ver:\"5.3.0.1013.13\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp-edge\", ver:\"5.3.0.1012.11\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-18.04\", ver:\"5.3.0.40.97\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-18.04\", ver:\"5.3.0.40.97\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-18.04\", ver:\"5.3.0.40.97\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2-hwe-18.04\", ver:\"5.3.0.1018.7\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon-hwe-18.04\", ver:\"5.3.0.40.97\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-18.04\", ver:\"5.3.0.40.97\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-30T16:43:53", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-29T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux-aws-hwe (USN-4255-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14615", "CVE-2020-7053"], "modified": "2020-01-30T00:00:00", "id": "OPENVAS:1361412562310844318", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844318", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844318\");\n script_version(\"2020-01-30T08:15:08+0000\");\n script_cve_id(\"CVE-2019-14615\", \"CVE-2020-7053\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-30 08:15:08 +0000 (Thu, 30 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-29 04:00:42 +0000 (Wed, 29 Jan 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux-aws-hwe (USN-4255-2)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4255-2\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-January/005303.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-aws-hwe'\n package(s) announced via the USN-4255-2 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"USN-4255-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu\n16.04 LTS.\n\nIt was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors. A\nlocal attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that a race condition can lead to a use-after-free while\ndestroying GEM contexts in the i915 driver for the Linux kernel. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2020-7053)\");\n\n script_tag(name:\"affected\", value:\"'linux-aws-hwe' package(s) on Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1058-aws\", ver:\"4.15.0-1058.60~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-76-generic\", ver:\"4.15.0-76.86~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-76-generic-lpae\", ver:\"4.15.0-76.86~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-76-lowlatency\", ver:\"4.15.0-76.86~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-hwe\", ver:\"4.15.0.1058.58\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.15.0.76.96\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.15.0.76.96\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.15.0.76.96\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.76.96\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-16.04\", ver:\"4.15.0.76.96\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-30T16:43:32", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-29T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4255-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14615", "CVE-2020-7053"], "modified": "2020-01-30T00:00:00", "id": "OPENVAS:1361412562310844312", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844312", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844312\");\n script_version(\"2020-01-30T08:15:08+0000\");\n script_cve_id(\"CVE-2019-14615\", \"CVE-2020-7053\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-30 08:15:08 +0000 (Thu, 30 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-29 04:00:16 +0000 (Wed, 29 Jan 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4255-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU18\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4255-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-January/005297.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4255-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors. A\nlocal attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that a race condition can lead to a use-after-free while\ndestroying GEM contexts in the i915 driver for the Linux kernel. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2020-7053)\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1058-aws\", ver:\"4.15.0-1058.60\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1067-oem\", ver:\"4.15.0-1067.77\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-76-generic\", ver:\"4.15.0-76.86\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-76-generic-lpae\", ver:\"4.15.0-76.86\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-76-lowlatency\", ver:\"4.15.0-76.86\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.15.0.1058.59\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-lts-18.04\", ver:\"4.15.0.1058.59\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.15.0.76.78\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.15.0.76.78\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.15.0.76.78\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.1067.71\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.15.0.76.78\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.15.0.76.78\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.15.0.76.78\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.15.0.76.78\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.15.0.76.78\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-08T17:11:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-02-19T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4286-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-5108", "CVE-2019-15217", "CVE-2019-19051", "CVE-2019-19965", "CVE-2019-14615", "CVE-2019-15220", "CVE-2019-15221", "CVE-2019-19066", "CVE-2019-17351", "CVE-2019-19068", "CVE-2019-19056", "CVE-2019-20096"], "modified": "2020-05-07T00:00:00", "id": "OPENVAS:1361412562310844342", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844342", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844342\");\n script_version(\"2020-05-07T08:41:48+0000\");\n script_cve_id(\"CVE-2019-14615\", \"CVE-2019-15220\", \"CVE-2019-17351\", \"CVE-2019-19051\", \"CVE-2019-19056\", \"CVE-2019-19066\", \"CVE-2019-19068\", \"CVE-2019-19965\", \"CVE-2019-20096\", \"CVE-2019-5108\", \"CVE-2019-15217\", \"CVE-2019-15221\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-05-07 08:41:48 +0000 (Thu, 07 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-19 04:00:45 +0000 (Wed, 19 Feb 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4286-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4286-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-February/005336.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4286-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors. A\nlocal attacker could use this to expose sensitive information.\n(CVE-2019-14615)\n\nIt was discovered that a race condition existed in the Softmac USB Prism54\ndevice driver in the Linux kernel. A physically proximate attacker could\nuse this to cause a denial of service (system crash). (CVE-2019-15220)\n\nJulien Grall discovered that the Xen balloon memory driver in the Linux\nkernel did not properly restrict the amount of memory set aside for page\nmappings in some situations. An attacker could use this to cause a denial\nof service (kernel memory exhaustion). (CVE-2019-17351)\n\nIt was discovered that the Intel WiMAX 2400 driver in the Linux kernel did\nnot properly deallocate memory in certain situations. A local attacker\ncould use this to cause a denial of service (kernel memory exhaustion).\n(CVE-2019-19051)\n\nIt was discovered that the Marvell Wi-Fi device driver in the Linux kernel\ndid not properly deallocate memory in certain error conditions. A local\nattacker could use this to possibly cause a denial of service (kernel\nmemory exhaustion). (CVE-2019-19056)\n\nIt was discovered that the Brocade BFA Fibre Channel device driver in the\nLinux kernel did not properly deallocate memory in certain error\nconditions. A local attacker could possibly use this to cause a denial of\nservice (kernel memory exhaustion). (CVE-2019-19066)\n\nIt was discovered that the Realtek RTL8xxx USB Wi-Fi device driver in the\nLinux kernel did not properly deallocate memory in certain error\nconditions. A local attacker could possibly use this to cause a denial of\nservice (kernel memory exhaustion). (CVE-2019-19068)\n\nGao Chuan discovered that the SAS Class driver in the Linux kernel\ncontained a race condition that could lead to a NULL pointer dereference. A\nlocal attacker could possibly use this to cause a denial of service (system\ncrash). (CVE-2019-19965)\n\nIt was discovered that the Datagram Congestion Control Protocol (DCCP)\nimplementation in the Linux kernel did not properly deallocate memory in\ncertain error conditions. An attacker could possibly use this to cause a\ndenial of service (kernel memory exhaustion). (CVE-2019-20096)\n\nMitchell Frank discovered that the Wi-Fi implementation in the Linux kernel\nwhen used as an access point would send IAPP location updates for stations\nbefore client authentication had completed. A physically proximate attacker\ncould use this to cause a denial of service. (CVE-2019-5108)\n\nIt was discovered that ZR364XX Camera USB device driver for the Linux\nkernel did ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1066-kvm\", ver:\"4.4.0-1066.73\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1102-aws\", ver:\"4.4.0-1102.113\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1129-raspi2\", ver:\"4.4.0-1129.138\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1133-snapdragon\", ver:\"4.4.0-1133.141\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-174-generic\", ver:\"4.4.0-174.204\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-174-generic-lpae\", ver:\"4.4.0-174.204\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-174-lowlatency\", ver:\"4.4.0-174.204\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-174-powerpc-e500mc\", ver:\"4.4.0-174.204\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-174-powerpc-smp\", ver:\"4.4.0-174.204\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-174-powerpc64-emb\", ver:\"4.4.0-174.204\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-174-powerpc64-smp\", ver:\"4.4.0-174.204\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.4.0.1102.106\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.4.0.174.182\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.4.0.174.182\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"4.4.0.1066.66\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.4.0.174.182\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.4.0.174.182\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.4.0.174.182\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.4.0.174.182\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.4.0.174.182\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.4.0.1129.129\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.4.0.1133.125\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.4.0.174.182\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-14T14:48:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-39e97683e8", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19054", "CVE-2019-18809", "CVE-2019-19057", "CVE-2019-18811", "CVE-2019-19332", "CVE-2019-14901", "CVE-2019-19058", "CVE-2019-0155", "CVE-2019-14896", "CVE-2019-19062", "CVE-2019-19053", "CVE-2019-19064", "CVE-2018-12207", "CVE-2019-19082", "CVE-2019-19059", "CVE-2019-19078", "CVE-2019-11135", "CVE-2019-18812", "CVE-2019-19055", "CVE-2019-19043", "CVE-2019-19063", "CVE-2019-18808", "CVE-2019-14895", "CVE-2019-14897", "CVE-2019-19066", "CVE-2019-19068", "CVE-2019-19050", "CVE-2019-19071", "CVE-2019-0154", "CVE-2019-19073", "CVE-2019-19077", "CVE-2019-19070", "CVE-2019-19046", "CVE-2019-16232", "CVE-2019-19074", "CVE-2019-19056", "CVE-2019-19072"], "modified": "2020-01-13T00:00:00", "id": "OPENVAS:1361412562310877132", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877132", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877132\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18811\", \"CVE-2019-18812\", \"CVE-2019-16232\", \"CVE-2019-19082\", \"CVE-2019-14895\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-14901\", \"CVE-2019-19078\", \"CVE-2019-19077\", \"CVE-2019-19074\", \"CVE-2019-19073\", \"CVE-2019-19072\", \"CVE-2019-19071\", \"CVE-2019-19070\", \"CVE-2019-19068\", \"CVE-2019-19043\", \"CVE-2019-19066\", \"CVE-2019-19046\", \"CVE-2019-19050\", \"CVE-2019-19062\", \"CVE-2019-19064\", \"CVE-2019-19063\", \"CVE-2019-19059\", \"CVE-2019-19058\", \"CVE-2019-19057\", \"CVE-2019-19053\", \"CVE-2019-19056\", \"CVE-2019-19055\", \"CVE-2019-19054\", \"CVE-2019-11135\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-19332\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 07:26:59 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-39e97683e8\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2019-39e97683e8\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7F44ID3ASD7NFTJVZNWV7GUS44G3EKL2\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-39e97683e8 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.3.16~300.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-30T17:00:58", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-02-25T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1158)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-5108", "CVE-2019-20095", "CVE-2019-19770", "CVE-2019-19332", "CVE-2019-14896", "CVE-2019-19062", "CVE-2019-19922", "CVE-2019-19965", "CVE-2019-11135", "CVE-2019-19947", "CVE-2019-19338", "CVE-2019-19927", "CVE-2019-14895", "CVE-2019-14897", "CVE-2019-17351", "CVE-2019-16230", "CVE-2020-7053", "CVE-2019-19543", "CVE-2019-19048", "CVE-2019-19966", "CVE-2019-20054", "CVE-2019-20096"], "modified": "2020-03-26T00:00:00", "id": "OPENVAS:1361412562311220201158", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201158", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1158\");\n script_version(\"2020-03-26T11:51:34+0000\");\n script_cve_id(\"CVE-2019-11135\", \"CVE-2019-14895\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-16230\", \"CVE-2019-17351\", \"CVE-2019-19048\", \"CVE-2019-19062\", \"CVE-2019-19332\", \"CVE-2019-19338\", \"CVE-2019-19543\", \"CVE-2019-19770\", \"CVE-2019-19922\", \"CVE-2019-19927\", \"CVE-2019-19947\", \"CVE-2019-19965\", \"CVE-2019-19966\", \"CVE-2019-20054\", \"CVE-2019-20095\", \"CVE-2019-20096\", \"CVE-2019-5108\", \"CVE-2020-7053\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-26 11:51:34 +0000 (Thu, 26 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-25 13:57:20 +0000 (Tue, 25 Feb 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1158)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1158\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1158\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2020-1158 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file).(CVE-2019-19770)\n\nmwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service.(CVE-2019-20095)\n\nTSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.(CVE-2019-11135)\n\nA memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.(CVE-2019-19062)\n\nIn the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c.(CVE-2019-19543)\n\nIn the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5.(CVE-2019-19965)\n\nIn the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.(CVE-2019-19966)\n\nAn issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest memory, aka CID-6ef36ab967c7.(CVE-2019-17351)\n\nA memory leak in the crypto_reportstat() function in drivers/virt/vboxguest/vboxguest_utils.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering copy_form_user() failures, aka CID-e0b0cb938864.(CVE-2019-19048)\n\nkernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kube ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bpftool\", rpm:\"bpftool~4.19.36~vhulk1907.1.0.h683.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.36~vhulk1907.1.0.h683.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.36~vhulk1907.1.0.h683.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.36~vhulk1907.1.0.h683.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.19.36~vhulk1907.1.0.h683.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.36~vhulk1907.1.0.h683.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.36~vhulk1907.1.0.h683.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.36~vhulk1907.1.0.h683.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.36~vhulk1907.1.0.h683.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-perf\", rpm:\"python3-perf~4.19.36~vhulk1907.1.0.h683.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-20T18:52:30", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-29T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux-hwe (USN-4253-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14615"], "modified": "2020-02-18T00:00:00", "id": "OPENVAS:1361412562310844317", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844317", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844317\");\n script_version(\"2020-02-18T15:18:54+0000\");\n script_cve_id(\"CVE-2019-14615\");\n script_tag(name:\"cvss_base\", value:\"1.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-02-18 15:18:54 +0000 (Tue, 18 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-29 04:00:41 +0000 (Wed, 29 Jan 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux-hwe (USN-4253-2)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU18\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4253-2\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-January/005301.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-hwe'\n package(s) announced via the USN-4253-2 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"USN-4253-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.10.\nThis update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 19.10 for Ubuntu\n18.04 LTS.\n\nIt was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors. A\nlocal attacker could use this to expose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"'linux-hwe' package(s) on Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-28-generic\", ver:\"5.3.0-28.30~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-28-generic-lpae\", ver:\"5.3.0-28.30~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-28-lowlatency\", ver:\"5.3.0-28.30~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-18.04\", ver:\"5.3.0.28.96\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-18.04\", ver:\"5.3.0.28.96\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-18.04\", ver:\"5.3.0.28.96\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon-hwe-18.04\", ver:\"5.3.0.28.96\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-18.04\", ver:\"5.3.0.28.96\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-02-20T18:51:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-29T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for linux (USN-4253-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14615"], "modified": "2020-02-18T00:00:00", "id": "OPENVAS:1361412562310844319", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844319", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844319\");\n script_version(\"2020-02-18T15:18:54+0000\");\n script_cve_id(\"CVE-2019-14615\");\n script_tag(name:\"cvss_base\", value:\"1.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-02-18 15:18:54 +0000 (Tue, 18 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-29 04:00:43 +0000 (Wed, 29 Jan 2020)\");\n script_name(\"Ubuntu: Security Advisory for linux (USN-4253-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU19\\.10\");\n\n script_xref(name:\"USN\", value:\"4253-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-January/005295.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4253-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that the Linux kernel did not properly clear data\nstructures on context switches for certain Intel graphics processors. A\nlocal attacker could use this to expose sensitive information.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 19.10.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-1010-aws\", ver:\"5.3.0-1010.11\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-29-generic\", ver:\"5.3.0-29.31\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-29-generic-lpae\", ver:\"5.3.0-29.31\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-29-lowlatency\", ver:\"5.3.0-29.31\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.3.0-29-snapdragon\", ver:\"5.3.0-29.31\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"5.3.0.1010.12\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"5.3.0.29.33\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"5.3.0.29.33\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"5.3.0.29.33\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"5.3.0.29.33\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-02-20T22:41:45", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-02-18T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for kernel (FEDORA-2020-f884f9dd7d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19054", "CVE-2019-18809", "CVE-2019-19057", "CVE-2019-18811", "CVE-2019-14901", "CVE-2019-19058", "CVE-2019-0155", "CVE-2019-14896", "CVE-2019-19062", "CVE-2019-19053", "CVE-2019-19064", "CVE-2018-12207", "CVE-2019-19082", "CVE-2019-19059", "CVE-2019-19078", "CVE-2019-11135", "CVE-2019-18812", "CVE-2019-19055", "CVE-2019-19043", "CVE-2019-19063", "CVE-2019-18808", "CVE-2019-14895", "CVE-2019-14897", "CVE-2019-19066", "CVE-2019-19068", "CVE-2019-19050", "CVE-2019-19071", "CVE-2019-0154", "CVE-2019-19073", "CVE-2019-19077", "CVE-2019-19070", "CVE-2019-19046", "CVE-2019-16232", "CVE-2019-19074", "CVE-2019-19056", "CVE-2019-19072"], "modified": "2020-02-20T00:00:00", "id": "OPENVAS:1361412562310877479", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877479", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877479\");\n script_version(\"2020-02-20T11:12:08+0000\");\n script_cve_id(\"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18811\", \"CVE-2019-18812\", \"CVE-2019-16232\", \"CVE-2019-19082\", \"CVE-2019-14895\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-14901\", \"CVE-2019-19078\", \"CVE-2019-19077\", \"CVE-2019-19074\", \"CVE-2019-19073\", \"CVE-2019-19072\", \"CVE-2019-19071\", \"CVE-2019-19070\", \"CVE-2019-19068\", \"CVE-2019-19043\", \"CVE-2019-19066\", \"CVE-2019-19046\", \"CVE-2019-19050\", \"CVE-2019-19062\", \"CVE-2019-19064\", \"CVE-2019-19063\", \"CVE-2019-19059\", \"CVE-2019-19058\", \"CVE-2019-19057\", \"CVE-2019-19053\", \"CVE-2019-19056\", \"CVE-2019-19055\", \"CVE-2019-19054\", \"CVE-2019-11135\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-20 11:12:08 +0000 (Thu, 20 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-18 04:06:29 +0000 (Tue, 18 Feb 2020)\");\n script_name(\"Fedora: Security Advisory for kernel (FEDORA-2020-f884f9dd7d)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-f884f9dd7d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWBRN5GS2Y5FPIGLIOZ4PQFXZ5YMASQO\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2020-f884f9dd7d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.4.19~200.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-29T18:31:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-27T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for kernel (FEDORA-2020-e328697628)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19054", "CVE-2019-18809", "CVE-2019-19057", "CVE-2019-18811", "CVE-2019-14901", "CVE-2019-19058", "CVE-2019-0155", "CVE-2019-14896", "CVE-2019-19062", "CVE-2019-19053", "CVE-2019-19064", "CVE-2018-12207", "CVE-2019-19082", "CVE-2019-19059", "CVE-2019-19078", "CVE-2019-11135", "CVE-2019-18812", "CVE-2019-19055", "CVE-2019-19043", "CVE-2019-19063", "CVE-2019-18808", "CVE-2019-14895", "CVE-2019-14897", "CVE-2019-19066", "CVE-2019-19068", "CVE-2019-19050", "CVE-2019-19071", "CVE-2019-0154", "CVE-2019-19073", "CVE-2019-19077", "CVE-2019-19070", "CVE-2019-19046", "CVE-2019-16232", "CVE-2019-19074", "CVE-2019-19056", "CVE-2019-19072"], "modified": "2020-01-28T00:00:00", "id": "OPENVAS:1361412562310877358", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877358", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877358\");\n script_version(\"2020-01-28T10:45:23+0000\");\n script_cve_id(\"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18811\", \"CVE-2019-18812\", \"CVE-2019-16232\", \"CVE-2019-19082\", \"CVE-2019-14895\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-14901\", \"CVE-2019-19078\", \"CVE-2019-19077\", \"CVE-2019-19074\", \"CVE-2019-19073\", \"CVE-2019-19072\", \"CVE-2019-19071\", \"CVE-2019-19070\", \"CVE-2019-19068\", \"CVE-2019-19043\", \"CVE-2019-19066\", \"CVE-2019-19046\", \"CVE-2019-19050\", \"CVE-2019-19062\", \"CVE-2019-19064\", \"CVE-2019-19063\", \"CVE-2019-19059\", \"CVE-2019-19058\", \"CVE-2019-19057\", \"CVE-2019-19053\", \"CVE-2019-19056\", \"CVE-2019-19055\", \"CVE-2019-19054\", \"CVE-2019-11135\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 10:45:23 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-27 09:23:01 +0000 (Mon, 27 Jan 2020)\");\n script_name(\"Fedora: Security Advisory for kernel (FEDORA-2020-e328697628)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-e328697628\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J5RQU3J2NECHS2VKGI2M6FJHY55JFO7S\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2020-e328697628 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.4.12~200.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-05T16:43:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-02-29T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for kernel (FEDORA-2020-3cd64d683c)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19054", "CVE-2020-9391", "CVE-2019-18809", "CVE-2019-19057", "CVE-2019-18811", "CVE-2019-14901", "CVE-2019-19058", "CVE-2019-0155", "CVE-2019-14896", "CVE-2019-19062", "CVE-2019-19053", "CVE-2019-19064", "CVE-2018-12207", "CVE-2019-19082", "CVE-2019-19059", "CVE-2019-19078", "CVE-2019-11135", "CVE-2019-18812", "CVE-2019-19055", "CVE-2019-19043", "CVE-2019-19063", "CVE-2019-18808", "CVE-2019-14895", "CVE-2019-14897", "CVE-2019-19066", "CVE-2019-19068", "CVE-2019-19050", "CVE-2019-19071", "CVE-2019-0154", "CVE-2019-19073", "CVE-2019-19077", "CVE-2019-19070", "CVE-2019-19046", "CVE-2019-16232", "CVE-2019-19074", "CVE-2019-19056", "CVE-2019-19072"], "modified": "2020-03-03T00:00:00", "id": "OPENVAS:1361412562310877533", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877533", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877533\");\n script_version(\"2020-03-03T12:05:12+0000\");\n script_cve_id(\"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18811\", \"CVE-2019-18812\", \"CVE-2019-16232\", \"CVE-2019-19082\", \"CVE-2019-14895\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-14901\", \"CVE-2019-19078\", \"CVE-2019-19077\", \"CVE-2019-19074\", \"CVE-2019-19073\", \"CVE-2019-19072\", \"CVE-2019-19071\", \"CVE-2019-19070\", \"CVE-2019-19068\", \"CVE-2019-19043\", \"CVE-2019-19066\", \"CVE-2019-19046\", \"CVE-2019-19050\", \"CVE-2019-19062\", \"CVE-2019-19064\", \"CVE-2019-19063\", \"CVE-2019-19059\", \"CVE-2019-19058\", \"CVE-2019-19057\", \"CVE-2019-19053\", \"CVE-2019-19056\", \"CVE-2019-19055\", \"CVE-2019-19054\", \"CVE-2019-11135\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2020-9391\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-03 12:05:12 +0000 (Tue, 03 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-29 04:03:28 +0000 (Sat, 29 Feb 2020)\");\n script_name(\"Fedora: Security Advisory for kernel (FEDORA-2020-3cd64d683c)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-3cd64d683c\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O4LH35HOPBJIKYHYFXMBBM75DN75PZHZ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2020-3cd64d683c advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.5.6~201.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "slackware": [{"lastseen": "2023-06-10T16:22:43", "description": "New kernel packages are available for Slackware 14.2 to fix security issues.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/linux-4.4.208/*: Upgraded.\n IPV6_MULTIPLE_TABLES n -&gt; y\n +IPV6_SUBTREES y\n These updates fix various bugs and security issues.\n Be sure to upgrade your initrd after upgrading the kernel packages.\n If you use lilo to boot your machine, be sure lilo.conf points to the correct\n kernel and initrd and run lilo as root to update the bootloader.\n If you use elilo to boot your machine, you should run eliloconfig to copy the\n kernel and initrd to the EFI System Partition.\n For more information, see:\n Fixed in 4.4.203:\n https://vulners.com/cve/CVE-2019-19524\n https://vulners.com/cve/CVE-2019-15917\n Fixed in 4.4.204:\n https://vulners.com/cve/CVE-2019-18660\n https://vulners.com/cve/CVE-2019-15291\n https://vulners.com/cve/CVE-2019-18683\n Fixed in 4.4.206:\n https://vulners.com/cve/CVE-2019-12614\n Fixed in 4.4.207:\n https://vulners.com/cve/CVE-2019-19227\n https://vulners.com/cve/CVE-2019-19062\n https://vulners.com/cve/CVE-2019-19338\n https://vulners.com/cve/CVE-2019-19332\n Fixed in 4.4.208:\n https://vulners.com/cve/CVE-2019-19057\n https://vulners.com/cve/CVE-2019-19063\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.208/kernel-generic-4.4.208-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.208/kernel-generic-smp-4.4.208_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.208/kernel-headers-4.4.208_smp-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.208/kernel-huge-4.4.208-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.208/kernel-huge-smp-4.4.208_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.208/kernel-modules-4.4.208-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.208/kernel-modules-smp-4.4.208_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.208/kernel-source-4.4.208_smp-noarch-1.txz\n\nUpdated packages for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.208/kernel-generic-4.4.208-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.208/kernel-headers-4.4.208-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.208/kernel-huge-4.4.208-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.208/kernel-modules-4.4.208-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.208/kernel-source-4.4.208-noarch-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.2 packages:\nef3ab53561656d90c19389bed7f883ea kernel-generic-4.4.208-i586-1.txz\nce33ac504adf47d140c3d9ffbf7589b2 kernel-generic-smp-4.4.208_smp-i686-1.txz\n2fb222e279ceacf6e3af294a1cce54e9 kernel-headers-4.4.208_smp-x86-1.txz\nc237d6708a9d59080deb5a6659d1acf1 kernel-huge-4.4.208-i586-1.txz\n29018038f4e0510dfa7e9cdfe69c994a kernel-huge-smp-4.4.208_smp-i686-1.txz\n6518395d78e7c7b323bd964dd3b9ed13 kernel-modules-4.4.208-i586-1.txz\n440885e37ee410473bf1c9a6b028dd8b kernel-modules-smp-4.4.208_smp-i686-1.txz\n969021b83f0cb73d7b745b3d77bdbee0 kernel-source-4.4.208_smp-noarch-1.txz\n\nSlackware x86_64 14.2 packages:\nd6edb0754c752aaf8fcbd8d4d5bfc30a kernel-generic-4.4.208-x86_64-1.txz\n10255231f7085336046b49e829bf972c kernel-headers-4.4.208-x86-1.txz\n369fa14fb7f59f1e903402be3ad685e7 kernel-huge-4.4.208-x86_64-1.txz\nb8c8261fbb6bed66c3ded3aa36e206df kernel-modules-4.4.208-x86_64-1.txz\n83f37ca83c19fe8d1a785c93cc1ad6f5 kernel-source-4.4.208-noarch-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg kernel-*.txz\n\nIf you are using an initrd, you'll need to rebuild it.\n\nFor a 32-bit SMP machine, use this command (substitute the appropriate\nkernel version if you are not running Slackware 14.2):\n > /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.208-smp | bash\n\nFor a 64-bit machine, or a 32-bit uniprocessor machine, use this command\n(substitute the appropriate kernel version if you are not running\nSlackware 14.2):\n > /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.208 | bash\n\nPlease note that \"uniprocessor\" has to do with the kernel you are running,\nnot with the CPU. Most systems should run the SMP kernel (if they can)\nregardless of the number of cores the CPU has. If you aren't sure which\nkernel you are running, run \"uname -a\". If you see SMP there, you are\nrunning the SMP kernel and should use the 4.4.208-smp version when running\nmkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit\nsystems should always use 4.4.208 as the version.\n\nIf you are using lilo or elilo to boot the machine, you'll need to ensure\nthat the machine is properly prepared before rebooting.\n\nIf using LILO:\nBy default, lilo.conf contains an image= line that references a symlink\nthat always points to the correct kernel. No editing should be required\nunless your machine uses a custom lilo.conf. If that is the case, be sure\nthat the image= line references the correct kernel file. Either way,\nyou'll need to run \"lilo\" as root to reinstall the boot loader.\n\nIf using elilo:\nEnsure that the /boot/vmlinuz symlink is pointing to the kernel you wish\nto use, and then run eliloconfig to update the EFI System Partition.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-08T22:45:25", "type": "slackware", "title": "[slackware-security] Slackware 14.2 kernel", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-12614", "CVE-2019-15291", "CVE-2019-15917", "CVE-2019-18660", "CVE-2019-18683", "CVE-2019-19057", "CVE-2019-19062", "CVE-2019-19063", "CVE-2019-19227", "CVE-2019-19332", "CVE-2019-19338", "CVE-2019-19524"], "modified": "2020-01-08T22:45:25", "id": "SSA-2020-008-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2020&m=slackware-security.705204", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2023-06-10T17:42:26", "description": "**Issue Overview:**\n\nA memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042. (CVE-2019-19062)\n\nAn out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service. (CVE-2019-19332 ) \n\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-i686-4.14.165-102.185.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-debuginfo-4.14.165-102.185.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-headers-4.14.165-102.185.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-tools-4.14.165-102.185.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-devel-4.14.165-102.185.amzn1.i686 \n \u00a0\u00a0\u00a0 perf-debuginfo-4.14.165-102.185.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-tools-devel-4.14.165-102.185.amzn1.i686 \n \u00a0\u00a0\u00a0 perf-4.14.165-102.185.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-4.14.165-102.185.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-tools-debuginfo-4.14.165-102.185.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 kernel-4.14.165-102.185.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 kernel-4.14.165-102.185.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-4.14.165-102.185.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-4.14.165-102.185.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-devel-4.14.165-102.185.amzn1.x86_64 \n \u00a0\u00a0\u00a0 perf-debuginfo-4.14.165-102.185.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-headers-4.14.165-102.185.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-debuginfo-4.14.165-102.185.amzn1.x86_64 \n \u00a0\u00a0\u00a0 perf-4.14.165-102.185.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-x86_64-4.14.165-102.185.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-devel-4.14.165-102.185.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2019-19062](<https://access.redhat.com/security/cve/CVE-2019-19062>), [CVE-2019-19332](<https://access.redhat.com/security/cve/CVE-2019-19332>)\n\nMitre: [CVE-2019-19062](<https://vulners.com/cve/CVE-2019-19062>), [CVE-2019-19332](<https://vulners.com/cve/CVE-2019-19332>)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2020-02-04T22:39:00", "type": "amazon", "title": "Important: kernel", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 5.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 7.8, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19062", "CVE-2019-19332"], "modified": "2020-02-07T17:57:00", "id": "ALAS-2020-1338", "href": "https://alas.aws.amazon.com/ALAS-2020-1338.html", "cvss": {"score": 5.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:C"}}, {"lastseen": "2023-06-10T15:52:25", "description": "**Issue Overview:**\n\nA memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042. (CVE-2019-19062)\n\nAn out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service. (CVE-2019-19332)\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 kernel-4.14.165-131.185.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-headers-4.14.165-131.185.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-aarch64-4.14.165-131.185.amzn2.aarch64 \n \u00a0\u00a0\u00a0 perf-4.14.165-131.185.amzn2.aarch64 \n \u00a0\u00a0\u00a0 perf-debuginfo-4.14.165-131.185.amzn2.aarch64 \n \u00a0\u00a0\u00a0 python-perf-4.14.165-131.185.amzn2.aarch64 \n \u00a0\u00a0\u00a0 python-perf-debuginfo-4.14.165-131.185.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-tools-4.14.165-131.185.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-tools-devel-4.14.165-131.185.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-tools-debuginfo-4.14.165-131.185.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-devel-4.14.165-131.185.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-4.14.165-131.185.amzn2.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 kernel-headers-4.14.165-131.185.amzn2.i686 \n \n src: \n \u00a0\u00a0\u00a0 kernel-4.14.165-131.185.amzn2.src \n \n x86_64: \n \u00a0\u00a0\u00a0 kernel-4.14.165-131.185.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-headers-4.14.165-131.185.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-x86_64-4.14.165-131.185.amzn2.x86_64 \n \u00a0\u00a0\u00a0 perf-4.14.165-131.185.amzn2.x86_64 \n \u00a0\u00a0\u00a0 perf-debuginfo-4.14.165-131.185.amzn2.x86_64 \n \u00a0\u00a0\u00a0 python-perf-4.14.165-131.185.amzn2.x86_64 \n \u00a0\u00a0\u00a0 python-perf-debuginfo-4.14.165-131.185.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-4.14.165-131.185.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-devel-4.14.165-131.185.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-debuginfo-4.14.165-131.185.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-devel-4.14.165-131.185.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-4.14.165-131.185.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-livepatch-4.14.165-131.185-1.0-0.amzn2.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2019-19062](<https://access.redhat.com/security/cve/CVE-2019-19062>), [CVE-2019-19332](<https://access.redhat.com/security/cve/CVE-2019-19332>)\n\nMitre: [CVE-2019-19062](<https://vulners.com/cve/CVE-2019-19062>), [CVE-2019-19332](<https://vulners.com/cve/CVE-2019-19332>)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2020-02-05T16:47:00", "type": "amazon", "title": "Important: kernel", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 5.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 7.8, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19062", "CVE-2019-19332"], "modified": "2020-02-08T00:02:00", "id": "ALAS2-2020-1392", "href": "https://alas.aws.amazon.com/AL2/ALAS-2020-1392.html", "cvss": {"score": 5.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:C"}}], "cloudfoundry": [{"lastseen": "2023-06-10T15:22:34", "description": "# \n\n## Severity\n\nMedium\n\n## Vendor\n\nCanonical Ubuntu\n\n## Versions Affected\n\n * Canonical Ubuntu 16.04\n\n## Description\n\nUSN-4255-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS.\n\nIt was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. (CVE-2019-14615)\n\nIt was discovered that a race condition can lead to a use-after-free while destroying GEM contexts in the i915 driver for the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-7053)\n\nCVEs contained in this USN include: CVE-2019-14615, CVE-2020-7053.\n\n## Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Xenial Stemcells \n * 97.x versions prior to 97.230\n * 621.x versions prior to 621.55\n * 170.x versions prior to 170.201\n * 315.x versions prior to 315.167\n * 456.x versions prior to 456.96\n * 250.x versions prior to 250.181\n * All other stemcells not listed.\n\n## Mitigation\n\nUsers of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:\n\n * Xenial Stemcells \n * Upgrade 97.x versions to 97.230 or greater\n * Upgrade 621.x versions to 621.55 or greater\n * Upgrade 170.x versions to 170.201 or greater\n * Upgrade 315.x versions to 315.167 or greater\n * Upgrade 456.x versions to 456.96 or greater\n * Upgrade 250.x versions to 250.181 or greater\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io/stemcells>).\n\n## References\n\n * [USN Notice](<https://usn.ubuntu.com/4255-2/>)\n * [CVE-2019-14615](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14615>)\n * [CVE-2020-7053](<https://people.canonical.com/~ubuntu-security/cve/CVE-2020-7053>)\n\n## History\n\n2020-01-28: Initial vulnerability report published.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-02-12T00:00:00", "type": "cloudfoundry", "title": "USN-4255-2: Linux kernel (HWE) vulnerabilities | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14615", "CVE-2020-7053"], "modified": "2020-02-12T00:00:00", "id": "CFOUNDRY:1F5DBB3C3CBCE17DE26C796E1F59B3C4", "href": "https://www.cloudfoundry.org/blog/usn-4255-2/", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:25:15", "description": "[4.14.35-1902.11.3]\n- xfs: do async inactivation only when fs freezed (Junxiao Bi) [Orabug: 31013775]\n[4.14.35-1902.11.2]\n- ib/core: Cancel fmr delayed_worker when in shutdown phase of reboot system (Hans Westgaard Ry) [Orabug: 30967501] \n- Revert 'printk: Default console logging level should be set to 4' (Cesar Roque) [Orabug: 30833249] \n- cgroup: psi: fix memory leak when freeing a cgroup work function (Tom Hromatka) [Orabug: 30903264]\n[4.14.35-1902.11.1]\n- xfs: fix deadlock between shrinker and fs freeze (Junxiao Bi) [Orabug: 30657780] \n- xfs: increase the default parallelism levels of pwork clients (Darrick J. Wong) [Orabug: 30657780] \n- xfs: decide if inode needs inactivation (Darrick J. Wong) [Orabug: 30657780] \n- xfs: refactor the predicate part of xfs_free_eofblocks (Darrick J. Wong) [Orabug: 30657780] \n- mwifiex: fix unbalanced locking in mwifiex_process_country_ie() (Brian Norris) [Orabug: 30781858] {CVE-2019-14895}\n- mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (Ganapathi Bhat) [Orabug: 30781858] {CVE-2019-14895} {CVE-2019-14895}\n- ipmi_ssif: avoid registering duplicate ssif interface (Kamlakant Patel) [Orabug: 30916684] \n- ipmi: Fix NULL pointer dereference in ssif_probe (Gustavo A. R. Silva) [Orabug: 30916684] \n- uio: Fix an Oops on load (Dan Carpenter) [Orabug: 30897832] \n- drm/i915: Fix use-after-free when destroying GEM context (Tyler Hicks) [Orabug: 30860457] {CVE-2020-7053}\n- xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT (Darrick J. Wong) [Orabug: 30788113] \n- slub: extend slub debug to handle multiple slabs (Aaron Tomlin) [Orabug: 30903135] \n- RAS/CEC: Fix binary search function (Borislav Petkov) [Orabug: 30897849] \n- CIFS: fix POSIX lock leak and invalid ptr deref (Aurelien Aptel) [Orabug: 30809456] \n- rds: Avoid flushing MRs in rds_rdma_drop_keys (aru kolappan) [Orabug: 30681066]\n[4.14.35-1902.11.0]\n- rds: Avoid qp overflow when posting invalidate/register mr with frwr (Hans Westgaard Ry) [Orabug: 30888677] \n- rds: Use bitmap to designate dropped connections (Hakon Bugge) [Orabug: 30852643] \n- rds: prevent use-after-free of rds conn in rds_send_drop_to() (Sharath Srinivasan) [Orabug: 30865079] \n- media: b2c2-flexcop-usb: add sanity checking (Oliver Neukum) [Orabug: 30864532] {CVE-2019-15291}\n- KVM: vmx: use MSR_IA32_TSX_CTRL to hard-disable TSX on guest that lack it (Paolo Bonzini) [Orabug: 30846856] \n- KVM: vmx: implement MSR_IA32_TSX_CTRL disable RTM functionality (Paolo Bonzini) [Orabug: 30846856] \n- KVM: x86: implement MSR_IA32_TSX_CTRL effect on CPUID (Paolo Bonzini) [Orabug: 30846856] \n- KVM: x86: do not modify masked bits of shared MSRs (Paolo Bonzini) [Orabug: 30846856] \n- KVM: x86: fix presentation of TSX feature in ARCH_CAPABILITIES (Paolo Bonzini) [Orabug: 30846856] \n- xen/ovmapi: whitelist more caches (Boris Ostrovsky) [Orabug: 30837856] \n- mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() (qize wang) [Orabug: 30819438] {CVE-2019-14901}\n- drm/i915/gen9: Clear residual context state on context switch (Akeem G Abodunrin) [Orabug: 30773852] {CVE-2019-14615} {CVE-2019-14615}\n- rds: unlock rs_snd_lock before calling rhashtable_insert_fast (aru kolappan) [Orabug: 30734590]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-03-15T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14615", "CVE-2019-14895", "CVE-2019-14901", "CVE-2019-15291", "CVE-2020-7053"], "modified": "2020-03-15T00:00:00", "id": "ELSA-2020-5569", "href": "http://linux.oracle.com/errata/ELSA-2020-5569.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:24:50", "description": "[2.6.39-400.320.1]\n- rds: Avoid flushing MRs in rds_rdma_drop_keys (aru kolappan) [Orabug: 30650888] \n- media: b2c2-flexcop-usb: add sanity checking (Oliver Neukum) [Orabug: 30864535] {CVE-2019-15291}", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 4.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2020-03-09T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15291"], "modified": "2020-03-09T00:00:00", "id": "ELSA-2020-5560", "href": "http://linux.oracle.com/errata/ELSA-2020-5560.html", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-07-28T14:24:54", "description": "kernel-uek\n[3.8.13-118.43.1]\n- media: b2c2-flexcop-usb: add sanity checking (Oliver Neukum) [Orabug: 30864534] {CVE-2019-15291}", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 4.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2020-03-05T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15291"], "modified": "2020-03-05T00:00:00", "id": "ELSA-2020-5559", "href": "http://linux.oracle.com/errata/ELSA-2020-5559.html", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "photon": [{"lastseen": "2023-01-19T17:52:19", "description": "Updates of ['linux-secure', 'linux-esx', 'linux-aws', 'linux'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-24T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2020-0052", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10220", "CVE-2019-15217", "CVE-2019-15504", "CVE-2019-16233", "CVE-2019-19056", "CVE-2019-19057", "CVE-2019-19058", "CVE-2019-19059", "CVE-2019-19071", "CVE-2019-19252", "CVE-2019-19332", "CVE-2019-19447", "CVE-2019-19767", "CVE-2019-19807", "CVE-2019-19927", "CVE-2019-19947", "CVE-2019-19965", "CVE-2019-20096", "CVE-2019-20636", "CVE-2019-20812", "CVE-2019-5108", "CVE-2019-9445", "CVE-2020-7053"], "modified": "2020-01-24T00:00:00", "id": "PHSA-2020-0052", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-52", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-10T17:51:10", "description": "Updates of ['linux-secure', 'linux-aws', 'linux', 'linux-esx'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-28T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2020-3.0-0052", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10220", "CVE-2019-15217", "CVE-2019-15504", "CVE-2019-16233", "CVE-2019-19056", "CVE-2019-19057", "CVE-2019-19058", "CVE-2019-19059", "CVE-2019-19071", "CVE-2019-19252", "CVE-2019-19332", "CVE-2019-19447", "CVE-2019-19767", "CVE-2019-19807", "CVE-2019-19927", "CVE-2019-19947", "CVE-2019-19965", "CVE-2019-20096", "CVE-2019-20636", "CVE-2019-20812", "CVE-2019-5108", "CVE-2019-9445", "CVE-2020-7053"], "modified": "2020-01-28T00:00:00", "id": "PHSA-2020-3.0-0052", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-52", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-03T08:49:25", "description": "An update of {'linux', 'linux-esx'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-12T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2020-1.0-0274", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10220", "CVE-2019-19062", "CVE-2019-19332", "CVE-2019-19447", "CVE-2019-19965", "CVE-2019-20636", "CVE-2019-20812"], "modified": "2020-02-12T00:00:00", "id": "PHSA-2020-1.0-0274", "href": "https://github.com/vmware/photon/wiki/Security-Updates-1.0-274", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-10T16:18:41", "description": "Updates of ['linux', 'linux-esx'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-02-05T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2020-0274", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10220", "CVE-2019-19062", "CVE-2019-19332", "CVE-2019-19338", "CVE-2019-19447", "CVE-2019-19965", "CVE-2019-20636", "CVE-2019-20812"], "modified": "2020-02-05T00:00:00", "id": "PHSA-2020-0274", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-274", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-12T18:50:11", "description": "Updates of ['logstash', 'linux-esx', 'linux', 'linux-secure', 'linux-aws'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-16T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2019-0046", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15291", "CVE-2019-19062", "CVE-2019-19066", "CVE-2019-19072", "CVE-2019-19073", "CVE-2019-19074", "CVE-2019-19078", "CVE-2019-19524", "CVE-2019-7620"], "modified": "2019-12-16T00:00:00", "id": "PHSA-2019-0046", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-46", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T17:51:33", "description": "Updates of ['linux-aws', 'linux', 'linux-secure', 'linux-esx', 'logstash'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-17T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2019-3.0-0046", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15291", "CVE-2019-19062", "CVE-2019-19066", "CVE-2019-19072", "CVE-2019-19073", "CVE-2019-19074", "CVE-2019-19078", "CVE-2019-19524", "CVE-2019-7620"], "modified": "2019-12-17T00:00:00", "id": "PHSA-2019-3.0-0046", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-46", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-11-03T11:49:25", "description": "An update of {'linux-esx', 'linux'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-22T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2020-1.0-0295", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18885"], "modified": "2020-05-22T00:00:00", "id": "PHSA-2020-1.0-0295", "href": "https://github.com/vmware/photon/wiki/Security-Updates-1.0-295", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-11-03T20:58:42", "description": "An update of {'linux-aws', 'linux-secure'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-22T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2020-2.0-0245", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18885"], "modified": "2020-05-22T00:00:00", "id": "PHSA-2020-2.0-0245", "href": "https://github.com/vmware/photon/wiki/Security-Updates-2-245", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-11-03T20:58:41", "description": "An update of {'linux-esx', 'linux'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-20T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2020-2.0-0244", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18885"], "modified": "2020-05-20T00:00:00", "id": "PHSA-2020-2.0-0244", "href": "https://github.com/vmware/photon/wiki/Security-Updates-2-244", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-10T15:56:45", "description": "Updates of ['linux-aws', 'linux-secure'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-05-22T00:00:00", "type": "photon", "title": "Moderate Photon OS Security Update - PHSA-2020-0245", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18885"], "modified": "2020-05-22T00:00:00", "id": "PHSA-2020-0245", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-245", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-10T15:56:56", "description": "Updates of ['linux', 'linux-esx'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-05-20T00:00:00", "type": "photon", "title": "Moderate Photon OS Security Update - PHSA-2020-0244", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18885"], "modified": "2020-05-20T00:00:00", "id": "PHSA-2020-0244", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-244", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-11T00:27:03", "description": "Updates of ['linux', 'linux-esx'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-05-22T00:00:00", "type": "photon", "title": "Moderate Photon OS Security Update - PHSA-2020-0295", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18885"], "modified": "2020-05-22T00:00:00", "id": "PHSA-2020-0295", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-295", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-10T15:58:43", "description": "Updates of ['linux', 'linux-esx', 'linux-aws', 'linux-secure'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-02-13T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2020-0212", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10220", "CVE-2019-16233", "CVE-2019-19037", "CVE-2019-19062", "CVE-2019-19332", "CVE-2019-19338", "CVE-2019-19447", "CVE-2019-19965", "CVE-2019-20636", "CVE-2019-20812"], "modified": "2020-02-13T00:00:00", "id": "PHSA-2020-0212", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-212", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-03T17:49:18", "description": "An update of {'linux', 'linux-esx'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.1, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.2}, "published": "2020-02-21T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2020-1.0-0279", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-21008", "CVE-2019-15217", "CVE-2019-16233", "CVE-2019-17351", "CVE-2019-19767", "CVE-2019-20096", "CVE-2019-5108", "CVE-2020-12652", "CVE-2020-14416", "CVE-2020-8428"], "modified": "2020-02-21T00:00:00", "id": "PHSA-2020-1.0-0279", "href": "https://github.com/vmware/photon/wiki/Security-Updates-1.0-279", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-11T00:27:54", "description": "Updates of ['linux', 'linux-esx'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2020-02-21T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2020-0279", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-21008", "CVE-2019-15217", "CVE-2019-16233", "CVE-2019-17351", "CVE-2019-19767", "CVE-2019-20096", "CVE-2019-5108", "CVE-2020-12652", "CVE-2020-14416", "CVE-2020-8428"], "modified": "2020-02-21T00:00:00", "id": "PHSA-2020-0279", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-279", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "symantec": [{"lastseen": "2021-06-08T19:02:10", "description": "### Description\n\nLinux kernel is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Linux kernel versions through 5.3.8 are vulnerable.\n\n### Technologies Affected\n\n * Linux kernel 2.0.0 \n * Linux kernel 2.0.1 \n * Linux kernel 2.0.10 \n * Linux kernel 2.0.11 \n * Linux kernel 2.0.12 \n * Linux kernel 2.0.13 \n * Linux kernel 2.0.14 \n * Linux kernel 2.0.15 \n * Linux kernel 2.0.16 \n * Linux kernel 2.0.17 \n * Linux kernel 2.0.18 \n * Linux kernel 2.0.19 \n * Linux kernel 2.0.2 \n * Linux kernel 2.0.20 \n * Linux kernel 2.0.21 \n * Linux kernel 2.0.22 \n * Linux kernel 2.0.23 \n * Linux kernel 2.0.24 \n * Linux kernel 2.0.25 \n * Linux kernel 2.0.26 \n * Linux kernel 2.0.27 \n * Linux kernel 2.0.28 \n * Linux kernel 2.0.29 \n * Linux kernel 2.0.3 \n * Linux kernel 2.0.30 \n * Linux kernel 2.0.31 \n * Linux kernel 2.0.32 \n * Linux kernel 2.0.33 \n * Linux kernel 2.0.34 \n * Linux kernel 2.0.35 \n * Linux kernel 2.0.36 \n * Linux kernel 2.0.37 \n * Linux kernel 2.0.38 \n * Linux kernel 2.0.39 \n * Linux kernel 2.0.4 \n * Linux kernel 2.0.40 \n * Linux kernel 2.0.5 \n * Linux kernel 2.0.6 \n * Linux kernel 2.0.7 \n * Linux kernel 2.0.8 \n * Linux kernel 2.0.9 \n * Linux kernel 2.1.0 \n * Linux kernel 2.1.132 \n * Linux kernel 2.1.89 \n * Linux kernel 2.2.0 \n * Linux kernel 2.2.1 \n * Linux kernel 2.2.10 \n * Linux kernel 2.2.11 \n * Linux kernel 2.2.12 \n * Linux kernel 2.2.13 \n * Linux kernel 2.2.14 \n * Linux kernel 2.2.15 \n * Linux kernel 2.2.16 \n * Linux kernel 2.2.17 \n * Linux kernel 2.2.18 \n * Linux kernel 2.2.19 \n * Linux kernel 2.2.2 \n * Linux kernel 2.2.20 \n * Linux kernel 2.2.21 \n * Linux kernel 2.2.22 \n * Linux kernel 2.2.23 \n * Linux kernel 2.2.24 \n * Linux kernel 2.2.25 \n * Linux kernel 2.2.26 \n * Linux kernel 2.2.3 \n * Linux kernel 2.2.4 \n * Linux kernel 2.2.5 \n * Linux kernel 2.2.6 \n * Linux kernel 2.2.7 \n * Linux kernel 2.2.8 \n * Linux kernel 2.2.9 \n * Linux kernel 2.3.0 \n * Linux kernel 2.3.1 \n * Linux kernel 2.3.10 \n * Linux kernel 2.3.11 \n * Linux kernel 2.3.12 \n * Linux kernel 2.3.13 \n * Linux kernel 2.3.14 \n * Linux kernel 2.3.15 \n * Linux kernel 2.3.16 \n * Linux kernel 2.3.17 \n * Linux kernel 2.3.18 \n * Linux kernel 2.3.19 \n * Linux kernel 2.3.2 \n * Linux kernel 2.3.20 \n * Linux kernel 2.3.21 \n * Linux kernel 2.3.22 \n * Linux kernel 2.3.23 \n * Linux kernel 2.3.24 \n * Linux kernel 2.3.25 \n * Linux kernel 2.3.26 \n * Linux kernel 2.3.27 \n * Linux kernel 2.3.28 \n * Linux kernel 2.3.29 \n * Linux kernel 2.3.3 \n * Linux kernel 2.3.30 \n * Linux kernel 2.3.31 \n * Linux kernel 2.3.32 \n * Linux kernel 2.3.33 \n * Linux kernel 2.3.34 \n * Linux kernel 2.3.35 \n * Linux kernel 2.3.36 \n * Linux kernel 2.3.37 \n * Linux kernel 2.3.38 \n * Linux kernel 2.3.39 \n * Linux kernel 2.3.4 \n * Linux kernel 2.3.40 \n * Linux kernel 2.3.41 \n * Linux kernel 2.3.42 \n * Linux kernel 2.3.43 \n * Linux kernel 2.3.44 \n * Linux kernel 2.3.45 \n * Linux kernel 2.3.46 \n * Linux kernel 2.3.47 \n * Linux kernel 2.3.48 \n * Linux kernel 2.3.49 \n * Linux kernel 2.3.5 \n * Linux kernel 2.3.50 \n * Linux kernel 2.3.51 \n * Linux kernel 2.3.6 \n * Linux kernel 2.3.7 \n * Linux kernel 2.3.8 \n * Linux kernel 2.3.9 \n * Linux kernel 2.3.99 \n * Linux kernel 2.4.0 \n * Linux kernel 2.4.1 \n * Linux kernel 2.4.2 \n * Linux kernel 2.4.3 \n * Linux kernel 2.4.4 \n * Linux kernel 2.4.5 \n * Linux kernel 2.4.6 \n * Linux kernel 2.4.7 \n * Linux kernel 2.4.8 \n * Linux kernel 2.4.9 \n * Linux kernel 2.5.0 .0 \n * Linux kernel 2.5.1 \n * Linux kernel 2.5.10 \n * Linux kernel 2.5.11 \n * Linux kernel 2.5.12 \n * Linux kernel 2.5.13 \n * Linux kernel 2.5.14 \n * Linux kernel 2.5.15 \n * Linux kernel 2.5.16 \n * Linux kernel 2.5.17 \n * Linux kernel 2.5.18 \n * Linux kernel 2.5.19 \n * Linux kernel 2.5.2 \n * Linux kernel 2.5.20 \n * Linux kernel 2.5.21 \n * Linux kernel 2.5.22 \n * Linux kernel 2.5.23 \n * Linux kernel 2.5.24 \n * Linux kernel 2.5.25 \n * Linux kernel 2.5.26 \n * Linux kernel 2.5.27 \n * Linux kernel 2.5.28 \n * Linux kernel 2.5.29 \n * Linux kernel 2.5.3 \n * Linux kernel 2.5.30 \n * Linux kernel 2.5.31 \n * Linux kernel 2.5.32 \n * Linux kernel 2.5.33 \n * Linux kernel 2.5.34 \n * Linux kernel 2.5.35 \n * Linux kernel 2.5.36 \n * Linux kernel 2.5.37 \n * Linux kernel 2.5.38 \n * Linux kernel 2.5.39 \n * Linux kernel 2.5.4 \n * Linux kernel 2.5.40 \n * Linux kernel 2.5.41 \n * Linux kernel 2.5.42 \n * Linux kernel 2.5.43 \n * Linux kernel 2.5.44 \n * Linux kernel 2.5.45 \n * Linux kernel 2.5.46 \n * Linux kernel 2.5.47 \n * Linux kernel 2.5.48 \n * Linux kernel 2.5.49 \n * Linux kernel 2.5.5 \n * Linux kernel 2.5.50 \n * Linux kernel 2.5.51 \n * Linux kernel 2.5.52 \n * Linux kernel 2.5.53 \n * Linux kernel 2.5.54 \n * Linux kernel 2.5.55 \n * Linux kernel 2.5.56 \n * Linux kernel 2.5.57 \n * Linux kernel 2.5.58 \n * Linux kernel 2.5.59 \n * Linux kernel 2.5.6 \n * Linux kernel 2.5.60 \n * Linux kernel 2.5.61 \n * Linux kernel 2.5.62 \n * Linux kernel 2.5.63 \n * Linux kernel 2.5.64 \n * Linux kernel 2.5.65 \n * Linux kernel 2.5.66 \n * Linux kernel 2.5.67 \n * Linux kernel 2.5.68 \n * Linux kernel 2.5.69 \n * Linux kernel 2.5.7 \n * Linux kernel 2.5.8 \n * Linux kernel 2.5.9 \n * Linux kernel 2.6 \n * Linux kernel 2.6.0 \n * Linux kernel 3.0 \n * Linux kernel 3.0-rc1 \n * Linux kernel 3.0-rc4-git1 \n * Linux kernel 3.0.1 \n * Linux kernel 3.0.18 \n * Linux kernel 3.0.2 \n * Linux kernel 3.0.34 \n * Linux kernel 3.0.37 \n * Linux kernel 3.0.4 \n * Linux kernel 3.0.5 \n * Linux kernel 3.0.58 \n * Linux kernel 3.0.59 \n * Linux kernel 3.0.60 \n * Linux kernel 3.0.62 \n * Linux kernel 3.0.65 \n * Linux kernel 3.0.66 \n * Linux kernel 3.0.69 \n * Linux kernel 3.0.72 \n * Linux kernel 3.0.75 \n * Linux kernel 3.0.98 \n * Linux kernel 3.1 \n * Linux kernel 3.1-rc1 \n * Linux kernel 3.1.8 \n * Linux kernel 3.10 \n * Linux kernel 3.10-rc5 \n * Linux kernel 3.10.0 \n * Linux kernel 3.10.10 \n * Linux kernel 3.10.14 \n * Linux kernel 3.10.17 \n * Linux kernel 3.10.20 \n * Linux kernel 3.10.21 \n * Linux kernel 3.10.22 \n * Linux kernel 3.10.23 \n * Linux kernel 3.10.26 \n * Linux kernel 3.10.27 \n * Linux kernel 3.10.30 \n * Linux kernel 3.10.31 \n * Linux kernel 3.10.36 \n * Linux kernel 3.10.37 \n * Linux kernel 3.10.38 \n * Linux kernel 3.10.41 \n * Linux kernel 3.10.43 \n * Linux kernel 3.10.45 \n * Linux kernel 3.10.5 \n * Linux kernel 3.10.7 \n * Linux kernel 3.10.73 \n * Linux kernel 3.10.81 \n * Linux kernel 3.10.9 \n * Linux kernel 3.10.90 \n * Linux kernel 3.11 \n * Linux kernel 3.11-rc1 \n * Linux kernel 3.11-rc4 \n * Linux kernel 3.11-rc7 \n * Linux kernel 3.11.3 \n * Linux kernel 3.11.6 \n * Linux kernel 3.11.9 \n * Linux kernel 3.12 \n * Linux kernel 3.12.1 \n * Linux kernel 3.12.11 \n * Linux kernel 3.12.12 \n * Linux kernel 3.12.14 \n * Linux kernel 3.12.15 \n * Linux kernel 3.12.16 \n * Linux kernel 3.12.17 \n * Linux kernel 3.12.18 \n * Linux kernel 3.12.2 \n * Linux kernel 3.12.21 \n * Linux kernel 3.12.22 \n * Linux kernel 3.12.3 \n * Linux kernel 3.12.4 \n * Linux kernel 3.12.40 \n * Linux kernel 3.12.44 \n * Linux kernel 3.12.48 \n * Linux kernel 3.12.49 \n * Linux kernel 3.12.7 \n * Linux kernel 3.13 \n * Linux kernel 3.13-rc1 \n * Linux kernel 3.13.0 \n * Linux kernel 3.13.1 \n * Linux kernel 3.13.11 \n * Linux kernel 3.13.3 \n * Linux kernel 3.13.4 \n * Linux kernel 3.13.5 \n * Linux kernel 3.13.6 \n * Linux kernel 3.13.7 \n * Linux kernel 3.13.9 \n * Linux kernel 3.14 \n * Linux kernel 3.14-1 \n * Linux kernel 3.14-4 \n * Linux kernel 3.14.2 \n * Linux kernel 3.14.3 \n * Linux kernel 3.14.37 \n * Linux kernel 3.14.4 \n * Linux kernel 3.14.45 \n * Linux kernel 3.14.5 \n * Linux kernel 3.14.54 \n * Linux kernel 3.14.7 \n * Linux kernel 3.14.73 \n * Linux kernel 3.14.79 \n * Linux kernel 3.15 \n * Linux kernel 3.15.10 \n * Linux kernel 3.15.2 \n * Linux kernel 3.15.5 \n * Linux kernel 3.16 \n * Linux kernel 3.16.1 \n * Linux kernel 3.16.2 \n * Linux kernel 3.16.36 \n * Linux kernel 3.16.58 \n * Linux kernel 3.16.6 \n * Linux kernel 3.16.7 \n * Linux kernel 3.17 \n * Linux kernel 3.17.2 \n * Linux kernel 3.17.4 \n * Linux kernel 3.17.6 \n * Linux kernel 3.18 \n * Linux kernel 3.18.1 \n * Linux kernel 3.18.11 \n * Linux kernel 3.18.137 \n * Linux kernel 3.18.140 \n * Linux kernel 3.18.17 \n * Linux kernel 3.18.2 \n * Linux kernel 3.18.22 \n * Linux kernel 3.18.3 \n * Linux kernel 3.18.7 \n * Linux kernel 3.18.8 \n * Linux kernel 3.18.9 \n * Linux kernel 3.19 \n * Linux kernel 3.19-rc \n * Linux kernel 3.19-rc2 \n * Linux kernel 3.19-rc7 \n * Linux kernel 3.19.2 \n * Linux kernel 3.19.3 \n * Linux kernel 3.2 \n * Linux kernel 3.2.1 \n * Linux kernel 3.2.102 \n * Linux kernel 3.2.12 \n * Linux kernel 3.2.13 \n * Linux kernel 3.2.2 \n * Linux kernel 3.2.23 \n * Linux kernel 3.2.24 \n * Linux kernel 3.2.38 \n * Linux kernel 3.2.42 \n * Linux kernel 3.2.44 \n * Linux kernel 3.2.50 \n * Linux kernel 3.2.51 \n * Linux kernel 3.2.52 \n * Linux kernel 3.2.53 \n * Linux kernel 3.2.54 \n * Linux kernel 3.2.55 \n * Linux kernel 3.2.56 \n * Linux kernel 3.2.57 \n * Linux kernel 3.2.60 \n * Linux kernel 3.2.62 \n * Linux kernel 3.2.63 \n * Linux kernel 3.2.63-2 \n * Linux kernel 3.2.64 \n * Linux kernel 3.2.65 \n * Linux kernel 3.2.72 \n * Linux kernel 3.2.78 \n * Linux kernel 3.2.81 \n * Linux kernel 3.2.82 \n * Linux kernel 3.2.9 \n * Linux kernel 3.3 \n * Linux kernel 3.3-rc1 \n * Linux kernel 3.3.2 \n * Linux kernel 3.3.4 \n * Linux kernel 3.3.5 \n * Linux kernel 3.4 \n * Linux kernel 3.4.1 \n * Linux kernel 3.4.10 \n * Linux kernel 3.4.11 \n * Linux kernel 3.4.12 \n * Linux kernel 3.4.13 \n * Linux kernel 3.4.14 \n * Linux kernel 3.4.15 \n * Linux kernel 3.4.16 \n * Linux kernel 3.4.17 \n * Linux kernel 3.4.18 \n * Linux kernel 3.4.19 \n * Linux kernel 3.4.2 \n * Linux kernel 3.4.20 \n * Linux kernel 3.4.21 \n * Linux kernel 3.4.25 \n * Linux kernel 3.4.26 \n * Linux kernel 3.4.27 \n * Linux kernel 3.4.29 \n * Linux kernel 3.4.3 \n * Linux kernel 3.4.31 \n * Linux kernel 3.4.32 \n * Linux kernel 3.4.36 \n * Linux kernel 3.4.4 \n * Linux kernel 3.4.42 \n * Linux kernel 3.4.5 \n * Linux kernel 3.4.58 \n * Linux kernel 3.4.6 \n * Linux kernel 3.4.64 \n * Linux kernel 3.4.67 \n * Linux kernel 3.4.7 \n * Linux kernel 3.4.70 \n * Linux kernel 3.4.71 \n * Linux kernel 3.4.72 \n * Linux kernel 3.4.73 \n * Linux kernel 3.4.76 \n * Linux kernel 3.4.8 \n * Linux kernel 3.4.80 \n * Linux kernel 3.4.81 \n * Linux kernel 3.4.86 \n * Linux kernel 3.4.87 \n * Linux kernel 3.4.88 \n * Linux kernel 3.4.9 \n * Linux kernel 3.4.93 \n * Linux kernel 3.5 \n * Linux kernel 3.5-rc1 \n * Linux kernel 3.5.1 \n * Linux kernel 3.5.2 \n * Linux kernel 3.5.3 \n * Linux kernel 3.5.4 \n * Linux kernel 3.5.5 \n * Linux kernel 3.5.6 \n * Linux kernel 3.5.7 \n * Linux kernel 3.6 \n * Linux kernel 3.6-rc1 \n * Linux kernel 3.6.1 \n * Linux kernel 3.6.10 \n * Linux kernel 3.6.11 \n * Linux kernel 3.6.2 \n * Linux kernel 3.6.3 \n * Linux kernel 3.6.4 \n * Linux kernel 3.6.5 \n * Linux kernel 3.6.6 \n * Linux kernel 3.6.7 \n * Linux kernel 3.6.8 \n * Linux kernel 3.6.9 \n * Linux kernel 3.7 \n * Linux kernel 3.7-rc1 \n * Linux kernel 3.7.1 \n * Linux kernel 3.7.10 \n * Linux kernel 3.7.2 \n * Linux kernel 3.7.3 \n * Linux kernel 3.7.4 \n * Linux kernel 3.7.5 \n * Linux kernel 3.7.6 \n * Linux kernel 3.7.7 \n * Linux kernel 3.7.8 \n * Linux kernel 3.7.9 \n * Linux kernel 3.8 \n * Linux kernel 3.8-rc1 \n * Linux kernel 3.8.1 \n * Linux kernel 3.8.2 \n * Linux kernel 3.8.4 \n * Linux kernel 3.8.5 \n * Linux kernel 3.8.6 \n * Linux kernel 3.8.9 \n * Linux kernel 3.9 \n * Linux kernel 3.9-rc1 \n * Linux kernel 3.9-rc3 \n * Linux kernel 3.9-rc7 \n * Linux kernel 3.9-rc8 \n * Linux kernel 3.9.4 \n * Linux kernel 3.9.8 \n * Linux kernel 4.13.1 \n * Linux kernel 4.13.10 \n * Linux kernel 4.13.11 \n * Linux kernel 4.13.14 \n * Linux kernel 4.13.2 \n * Linux kernel 4.13.3 \n * Linux kernel 4.13.4 \n * Linux kernel 4.13.5 \n * Linux kernel 4.13.6 \n * Linux kernel 4.13.7 \n * Linux kernel 4.13.8 \n * Linux kernel 4.13.9 \n * Linux kernel 4.15 \n * Linux kernel 4.15.0 \n * Linux kernel 4.15.11 \n * Linux kernel 4.15.14 \n * Linux kernel 4.15.16 \n * Linux kernel 4.15.4 \n * Linux kernel 4.15.7 \n * Linux kernel 4.15.8 \n * Linux kernel 4.15.9 \n * Linux kernel 4.16 \n * Linux kernel 4.16.11 \n * Linux kernel 4.16.3 \n * Linux kernel 4.16.4 \n * Linux kernel 4.16.6 \n * Linux kernel 4.16.7 \n * Linux kernel 4.16.9 \n * Linux kernel 4.17 \n * Linux kernel 4.17.1 \n * Linux kernel 4.17.10 \n * Linux kernel 4.17.11 \n * Linux kernel 4.17.2 \n * Linux kernel 4.17.3 \n * Linux kernel 4.17.4 \n * Linux kernel 4.17.7 \n * Linux kernel 4.18 \n * Linux kernel 4.18.1 \n * Linux kernel 4.18.11 \n * Linux kernel 4.18.12 \n * Linux kernel 4.18.16 \n * Linux kernel 4.18.5 \n * Linux kernel 4.18.6 \n * Linux kernel 4.18.7 \n * Linux kernel 4.18.9 \n * Linux kernel 4.19 \n * Linux kernel 4.19.13 \n * Linux kernel 4.19.19 \n * Linux kernel 4.19.2 \n * Linux kernel 4.19.23 \n * Linux kernel 4.19.3 \n * Linux kernel 4.19.32 \n * Linux kernel 4.19.37 \n * Linux kernel 4.19.44 \n * Linux kernel 4.19.6 \n * Linux kernel 4.19.8 \n * Linux kernel 4.20 \n * Linux kernel 4.20.10 \n * Linux kernel 4.20.12 \n * Linux kernel 4.20.14 \n * Linux kernel 4.20.15 \n * Linux kernel 4.20.2 \n * Linux kernel 4.20.5 \n * Linux kernel 4.20.6 \n * Linux kernel 4.20.8 \n * Linux kernel 4.3.3 \n * Linux kernel 5.0 \n * Linux kernel 5.0.1 \n * Linux kernel 5.0.10 \n * Linux kernel 5.0.11 \n * Linux kernel 5.0.14 \n * Linux kernel 5.0.15 \n * Linux kernel 5.0.17 \n * Linux kernel 5.0.2 \n * Linux kernel 5.0.3 \n * Linux kernel 5.0.4 \n * Linux kernel 5.0.5 \n * Linux kernel 5.0.6 \n * Linux kernel 5.0.7 \n * Linux kernel 5.0.8 \n * Linux kernel 5.0.9 \n * Linux kernel 5.0rc6 \n * Linux kernel 5.1-rc1 \n * Linux kernel 5.1-rc5 \n * Linux kernel 5.1-rc6 \n * Linux kernel 5.1.12 \n * Linux kernel 5.1.13 \n * Linux kernel 5.1.14 \n * Linux kernel 5.1.15 \n * Linux kernel 5.1.17 \n * Linux kernel 5.1.2 \n * Linux kernel 5.1.3 \n * Linux kernel 5.1.5 \n * Linux kernel 5.1.6 \n * Linux kernel 5.1.7 \n * Linux kernel 5.1.8 \n * Linux kernel 5.1.9 \n * Linux kernel 5.2.1 \n * Linux kernel 5.2.13 \n * Linux kernel 5.2.14 \n * Linux kernel 5.2.17 \n * Linux kernel 5.2.2 \n * Linux kernel 5.2.3 \n * Linux kernel 5.2.6 \n * Linux kernel 5.2.8 \n * Linux kernel 5.2.9 \n * Linux kernel 5.3 \n * Linux kernel 5.3.1 \n * Linux kernel 5.3.2 \n * Linux kernel 5.3.4 \n * Linux kernel 5.3.5 \n * Linux kernel 5.3.6 \n * Linux kernel 5.3.7 \n * Linux kernel 5.3.8 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nFilter access to the affected computer at the network boundary if global access isn't needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to detect and block attacks and anomalous activity such as requests containing suspicious URI sequences. Since the webserver may log such requests, review its logs regularly.\n\nUpdates are available. Please see the references for more information.\n", "cvss3": {}, "published": "2019-11-05T00:00:00", "type": "symantec", "title": "Linux Kernel CVE-2019-18786 Information Disclosure Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-18786"], "modified": "2019-11-05T00:00:00", "id": "SMNTC-110883", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/110883", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-06-08T19:02:13", "description": "### Description\n\nLinux Kernel is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause denial-of-service conditions. Linux Kernel versions prior to 5.1 are vulnerable.\n\n### Technologies Affected\n\n * Linux kernel 3.0 \n * Linux kernel 3.0-rc1 \n * Linux kernel 3.0.1 \n * Linux kernel 3.0.18 \n * Linux kernel 3.0.2 \n * Linux kernel 3.0.34 \n * Linux kernel 3.0.37 \n * Linux kernel 3.0.4 \n * Linux kernel 3.0.5 \n * Linux kernel 3.0.58 \n * Linux kernel 3.0.59 \n * Linux kernel 3.0.60 \n * Linux kernel 3.0.62 \n * Linux kernel 3.0.65 \n * Linux kernel 3.0.66 \n * Linux kernel 3.0.69 \n * Linux kernel 3.0.72 \n * Linux kernel 3.0.75 \n * Linux kernel 3.0.98 \n * Linux kernel 3.1 \n * Linux kernel 3.1-rc1 \n * Linux kernel 3.1.8 \n * Linux kernel 3.10 \n * Linux kernel 3.10-rc5 \n * Linux kernel 3.10.0 \n * Linux kernel 3.10.10 \n * Linux kernel 3.10.14 \n * Linux kernel 3.10.17 \n * Linux kernel 3.10.20 \n * Linux kernel 3.10.21 \n * Linux kernel 3.10.22 \n * Linux kernel 3.10.23 \n * Linux kernel 3.10.26 \n * Linux kernel 3.10.27 \n * Linux kernel 3.10.30 \n * Linux kernel 3.10.31 \n * Linux kernel 3.10.36 \n * Linux kernel 3.10.37 \n * Linux kernel 3.10.38 \n * Linux kernel 3.10.41 \n * Linux kernel 3.10.43 \n * Linux kernel 3.10.45 \n * Linux kernel 3.10.5 \n * Linux kernel 3.10.7 \n * Linux kernel 3.10.73 \n * Linux kernel 3.10.81 \n * Linux kernel 3.10.9 \n * Linux kernel 3.10.90 \n * Linux kernel 3.11 \n * Linux kernel 3.11-rc1 \n * Linux kernel 3.11-rc4 \n * Linux kernel 3.11-rc7 \n * Linux kernel 3.11.3 \n * Linux kernel 3.11.6 \n * Linux kernel 3.11.9 \n * Linux kernel 3.12 \n * Linux kernel 3.12.1 \n * Linux kernel 3.12.11 \n * Linux kernel 3.12.12 \n * Linux kernel 3.12.14 \n * Linux kernel 3.12.15 \n * Linux kernel 3.12.16 \n * Linux kernel 3.12.17 \n * Linux kernel 3.12.18 \n * Linux kernel 3.12.2 \n * Linux kernel 3.12.21 \n * Linux kernel 3.12.22 \n * Linux kernel 3.12.3 \n * Linux kernel 3.12.4 \n * Linux kernel 3.12.40 \n * Linux kernel 3.12.44 \n * Linux kernel 3.12.48 \n * Linux kernel 3.12.49 \n * Linux kernel 3.12.7 \n * Linux kernel 3.13 \n * Linux kernel 3.13-rc1 \n * Linux kernel 3.13.0 \n * Linux kernel 3.13.1 \n * Linux kernel 3.13.11 \n * Linux kernel 3.13.3 \n * Linux kernel 3.13.4 \n * Linux kernel 3.13.5 \n * Linux kernel 3.13.6 \n * Linux kernel 3.13.7 \n * Linux kernel 3.13.9 \n * Linux kernel 3.14 \n * Linux kernel 3.14-1 \n * Linux kernel 3.14-4 \n * Linux kernel 3.14-rc1 \n * Linux kernel 3.14-rc2 \n * Linux kernel 3.14-rc3 \n * Linux kernel 3.14-rc4 \n * Linux kernel 3.14-rc5 \n * Linux kernel 3.14-rc7 \n * Linux kernel 3.14.2 \n * Linux kernel 3.14.3 \n * Linux kernel 3.14.37 \n * Linux kernel 3.14.4 \n * Linux kernel 3.14.45 \n * Linux kernel 3.14.5 \n * Linux kernel 3.14.54 \n * Linux kernel 3.14.7 \n * Linux kernel 3.14.73 \n * Linux kernel 3.14.79 \n * Linux kernel 3.15 \n * Linux kernel 3.15-rc1 \n * Linux kernel 3.15-rc2 \n * Linux kernel 3.15-rc3 \n * Linux kernel 3.15.10 \n * Linux kernel 3.15.2 \n * Linux kernel 3.15.5 \n * Linux kernel 3.16 \n * Linux kernel 3.16.0-28 \n * Linux kernel 3.16.1 \n * Linux kernel 3.16.2 \n * Linux kernel 3.16.36 \n * Linux kernel 3.16.58 \n * Linux kernel 3.16.6 \n * Linux kernel 3.16.7 \n * Linux kernel 3.17 \n * Linux kernel 3.17-rc3 \n * Linux kernel 3.17.2 \n * Linux kernel 3.17.4 \n * Linux kernel 3.17.6 \n * Linux kernel 3.18 \n * Linux kernel 3.18.1 \n * Linux kernel 3.18.11 \n * Linux kernel 3.18.137 \n * Linux kernel 3.18.140 \n * Linux kernel 3.18.17 \n * Linux kernel 3.18.2 \n * Linux kernel 3.18.22 \n * Linux kernel 3.18.3 \n * Linux kernel 3.18.7 \n * Linux kernel 3.18.8 \n * Linux kernel 3.18.9 \n * Linux kernel 3.19 \n * Linux kernel 3.19-rc \n * Linux kernel 3.19-rc2 \n * Linux kernel 3.19-rc7 \n * Linux kernel 3.19.2 \n * Linux kernel 3.19.3 \n * Linux kernel 3.2 \n * Linux kernel 3.2.1 \n * Linux kernel 3.2.12 \n * Linux kernel 3.2.13 \n * Linux kernel 3.2.2 \n * Linux kernel 3.2.23 \n * Linux kernel 3.2.24 \n * Linux kernel 3.2.38 \n * Linux kernel 3.2.42 \n * Linux kernel 3.2.44 \n * Linux kernel 3.2.50 \n * Linux kernel 3.2.51 \n * Linux kernel 3.2.52 \n * Linux kernel 3.2.53 \n * Linux kernel 3.2.54 \n * Linux kernel 3.2.55 \n * Linux kernel 3.2.56 \n * Linux kernel 3.2.57 \n * Linux kernel 3.2.60 \n * Linux kernel 3.2.62 \n * Linux kernel 3.2.63 \n * Linux kernel 3.2.63-2 \n * Linux kernel 3.2.64 \n * Linux kernel 3.2.65 \n * Linux kernel 3.2.72 \n * Linux kernel 3.2.78 \n * Linux kernel 3.2.81 \n * Linux kernel 3.2.82 \n * Linux kernel 3.2.9 \n * Linux kernel 3.3 \n * Linux kernel 3.3-rc1 \n * Linux kernel 3.3.2 \n * Linux kernel 3.3.4 \n * Linux kernel 3.3.5 \n * Linux kernel 3.4 \n * Linux kernel 3.4.1 \n * Linux kernel 3.4.10 \n * Linux kernel 3.4.11 \n * Linux kernel 3.4.12 \n * Linux kernel 3.4.13 \n * Linux kernel 3.4.14 \n * Linux kernel 3.4.15 \n * Linux kernel 3.4.16 \n * Linux kernel 3.4.17 \n * Linux kernel 3.4.18 \n * Linux kernel 3.4.19 \n * Linux kernel 3.4.2 \n * Linux kernel 3.4.20 \n * Linux kernel 3.4.21 \n * Linux kernel 3.4.25 \n * Linux kernel 3.4.26 \n * Linux kernel 3.4.27 \n * Linux kernel 3.4.29 \n * Linux kernel 3.4.3 \n * Linux kernel 3.4.31 \n * Linux kernel 3.4.32 \n * Linux kernel 3.4.36 \n * Linux kernel 3.4.4 \n * Linux kernel 3.4.42 \n * Linux kernel 3.4.5 \n * Linux kernel 3.4.58 \n * Linux kernel 3.4.6 \n * Linux kernel 3.4.64 \n * Linux kernel 3.4.67 \n * Linux kernel 3.4.7 \n * Linux kernel 3.4.70 \n * Linux kernel 3.4.71 \n * Linux kernel 3.4.72 \n * Linux kernel 3.4.73 \n * Linux kernel 3.4.76 \n * Linux kernel 3.4.8 \n * Linux kernel 3.4.80 \n * Linux kernel 3.4.81 \n * Linux kernel 3.4.86 \n * Linux kernel 3.4.87 \n * Linux kernel 3.4.88 \n * Linux kernel 3.4.9 \n * Linux kernel 3.4.93 \n * Linux kernel 3.5 \n * Linux kernel 3.5-rc1 \n * Linux kernel 3.5.1 \n * Linux kernel 3.5.2 \n * Linux kernel 3.5.3 \n * Linux kernel 3.5.4 \n * Linux kernel 3.5.5 \n * Linux kernel 3.5.6 \n * Linux kernel 3.5.7 \n * Linux kernel 3.6 \n * Linux kernel 3.6-rc1 \n * Linux kernel 3.6.1 \n * Linux kernel 3.6.10 \n * Linux kernel 3.6.11 \n * Linux kernel 3.6.2 \n * Linux kernel 3.6.3 \n * Linux kernel 3.6.4 \n * Linux kernel 3.6.5 \n * Linux kernel 3.6.6 \n * Linux kernel 3.6.7 \n * Linux kernel 3.6.8 \n * Linux kernel 3.6.9 \n * Linux kernel 3.7 \n * Linux kernel 3.7-rc1 \n * Linux kernel 3.7.1 \n * Linux kernel 3.7.10 \n * Linux kernel 3.7.2 \n * Linux kernel 3.7.3 \n * Linux kernel 3.7.4 \n * Linux kernel 3.7.5 \n * Linux kernel 3.7.6 \n * Linux kernel 3.7.7 \n * Linux kernel 3.7.8 \n * Linux kernel 3.7.9 \n * Linux kernel 3.8 \n * Linux kernel 3.8-rc1 \n * Linux kernel 3.8.1 \n * Linux kernel 3.8.2 \n * Linux kernel 3.8.4 \n * Linux kernel 3.8.5 \n * Linux kernel 3.8.6 \n * Linux kernel 3.8.9 \n * Linux kernel 3.9 \n * Linux kernel 3.9-rc1 \n * Linux kernel 3.9-rc3 \n * Linux kernel 3.9-rc7 \n * Linux kernel 3.9-rc8 \n * Linux kernel 3.9.4 \n * Linux kernel 3.9.8 \n * Linux kernel 4.0 \n * Linux kernel 4.0-rc1 \n * Linux kernel 4.0.5 \n * Linux kernel 4.0.6 \n * Linux kernel 4.1 \n * Linux kernel 4.1-rc1 \n * Linux kernel 4.1-rc3 \n * Linux kernel 4.1-rc6 \n * Linux kernel 4.1-rc7 \n * Linux kernel 4.1.1 \n * Linux kernel 4.1.15 \n * Linux kernel 4.1.4 \n * Linux kernel 4.1.47 \n * Linux kernel 4.10-rc1 \n * Linux kernel 4.10-rc8 \n * Linux kernel 4.10.0 \n * Linux kernel 4.10.1 \n * Linux kernel 4.10.10 \n * Linux kernel 4.10.11 \n * Linux kernel 4.10.12 \n * Linux kernel 4.10.13 \n * Linux kernel 4.10.15 \n * Linux kernel 4.10.2 \n * Linux kernel 4.10.3 \n * Linux kernel 4.10.4 \n * Linux kernel 4.10.5 \n * Linux kernel 4.10.6 \n * Linux kernel 4.10.7 \n * Linux kernel 4.10.8 \n * Linux kernel 4.10.9 \n * Linux kernel 4.11 \n * Linux kernel 4.11-rc1 \n * Linux kernel 4.11-rc2 \n * Linux kernel 4.11-rc3 \n * Linux kernel 4.11-rc4 \n * Linux kernel 4.11-rc5 \n * Linux kernel 4.11-rc6 \n * Linux kernel 4.11-rc7 \n * Linux kernel 4.11-rc8 \n * Linux kernel 4.11.0 \n * Linux kernel 4.11.1 \n * Linux kernel 4.11.2 \n * Linux kernel 4.11.3 \n * Linux kernel 4.11.4 \n * Linux kernel 4.11.5 \n * Linux kernel 4.11.7 \n * Linux kernel 4.11.8 \n * Linux kernel 4.11.9 \n * Linux kernel 4.12 \n * Linux kernel 4.12-rc1 \n * Linux kernel 4.12.1 \n * Linux kernel 4.12.10 \n * Linux kernel 4.12.2 \n * Linux kernel 4.12.3 \n * Linux kernel 4.12.4 \n * Linux kernel 4.12.9 \n * Linux kernel 4.13 \n * Linux kernel 4.13-rc1 \n * Linux kernel 4.13-rc4 \n * Linux kernel 4.13.1 \n * Linux kernel 4.13.10 \n * Linux kernel 4.13.11 \n * Linux kernel 4.13.14 \n * Linux kernel 4.13.2 \n * Linux kernel 4.13.3 \n * Linux kernel 4.13.4 \n * Linux kernel 4.13.5 \n * Linux kernel 4.13.6 \n * Linux kernel 4.13.7 \n * Linux kernel 4.13.8 \n * Linux kernel 4.13.9 \n * Linux kernel 4.14 \n * Linux kernel 4.14-rc1 \n * Linux kernel 4.14-rc5 \n * Linux kernel 4.14.0-rc1 \n * Linux kernel 4.14.1 \n * Linux kernel 4.14.10 \n * Linux kernel 4.14.109 \n * Linux kernel 4.14.11 \n * Linux kernel 4.14.114 \n * Linux kernel 4.14.120 \n * Linux kernel 4.14.13 \n * Linux kernel 4.14.14 \n * Linux kernel 4.14.15 \n * Linux kernel 4.14.2 \n * Linux kernel 4.14.3 \n * Linux kernel 4.14.31 \n * Linux kernel 4.14.4 \n * Linux kernel 4.14.5 \n * Linux kernel 4.14.6 \n * Linux kernel 4.14.67 \n * Linux kernel 4.14.7 \n * Linux kernel 4.14.71 \n * Linux kernel 4.14.78 \n * Linux kernel 4.14.8 \n * Linux kernel 4.14.90 \n * Linux kernel 4.15 \n * Linux kernel 4.15-rc4 \n * Linux kernel 4.15-rc5 \n * Linux kernel 4.15-rc8 \n * Linux kernel 4.15.11 \n * Linux kernel 4.15.14 \n * Linux kernel 4.15.16 \n * Linux kernel 4.15.4 \n * Linux kernel 4.15.7 \n * Linux kernel 4.15.8 \n * Linux kernel 4.15.9 \n * Linux kernel 4.16 \n * Linux kernel 4.16-rc \n * Linux kernel 4.16-rc6 \n * Linux kernel 4.16-rc7 \n * Linux kernel 4.16.11 \n * Linux kernel 4.16.3 \n * Linux kernel 4.16.6 \n * Linux kernel 4.16.9 \n * Linux kernel 4.17 \n * Linux kernel 4.17-rc2 \n * Linux kernel 4.17.1 \n * Linux kernel 4.17.10 \n * Linux kernel 4.17.11 \n * Linux kernel 4.17.2 \n * Linux kernel 4.17.3 \n * Linux kernel 4.17.4 \n * Linux kernel 4.17.7 \n * Linux kernel 4.18 \n * Linux kernel 4.18-rc5 \n * Linux kernel 4.18.1 \n * Linux kernel 4.18.11 \n * Linux kernel 4.18.12 \n * Linux kernel 4.18.16 \n * Linux kernel 4.18.5 \n * Linux kernel 4.18.6 \n * Linux kernel 4.18.9 \n * Linux kernel 4.19 \n * Linux kernel 4.19-rc1 \n * Linux kernel 4.19-rc3 \n * Linux kernel 4.19.13 \n * Linux kernel 4.19.19 \n * Linux kernel 4.19.2 \n * Linux kernel 4.19.23 \n * Linux kernel 4.19.3 \n * Linux kernel 4.19.32 \n * Linux kernel 4.19.37 \n * Linux kernel 4.19.44 \n * Linux kernel 4.19.6 \n * Linux kernel 4.19.8 \n * Linux kernel 4.2 \n * Linux kernel 4.2.3 \n * Linux kernel 4.2.8 \n * Linux kernel 4.20 \n * Linux kernel 4.20.10 \n * Linux kernel 4.20.12 \n * Linux kernel 4.20.14 \n * Linux kernel 4.20.15 \n * Linux kernel 4.20.2 \n * Linux kernel 4.20.5 \n * Linux kernel 4.20.6 \n * Linux kernel 4.20.8 \n * Linux kernel 4.3-rc1 \n * Linux kernel 4.3.3 \n * Linux kernel 4.4 \n * Linux kernel 4.4-rc1 \n * Linux kernel 4.4-rc4 \n * Linux kernel 4.4-rc5 \n * Linux kernel 4.4.0-57 \n * Linux kernel 4.4.1 \n * Linux kernel 4.4.105 \n * Linux kernel 4.4.125 \n * Linux kernel 4.4.14 \n * Linux kernel 4.4.157 \n * Linux kernel 4.4.177 \n * Linux kernel 4.4.180 \n * Linux kernel 4.4.2 \n * Linux kernel 4.4.22 \n * Linux kernel 4.4.23 \n * Linux kernel 4.4.24 \n * Linux kernel 4.4.25 \n * Linux kernel 4.4.26 \n * Linux kernel 4.4.27 \n * Linux kernel 4.4.28 \n * Linux kernel 4.4.29 \n * Linux kernel 4.4.30 \n * Linux kernel 4.4.38 \n * Linux kernel 4.4.7 \n * Linux kernel 4.5 \n * Linux kernel 4.5-rc1 \n * Linux kernel 4.5-rc2 \n * Linux kernel 4.5-rc4 \n * Linux kernel 4.5-rc7 \n * Linux kernel 4.5.5 \n * Linux kernel 4.6 \n * Linux kernel 4.6 rc6 \n * Linux kernel 4.6 rc7 \n * Linux kernel 4.6-rc1 \n * Linux kernel 4.6.1 \n * Linux kernel 4.6.2 \n * Linux kernel 4.6.3 \n * Linux kernel 4.7 \n * Linux kernel 4.7-rc1 \n * Linux kernel 4.7-rc5 \n * Linux kernel 4.7-rc6 \n * Linux kernel 4.7.4 \n * Linux kernel 4.7.9 \n * Linux kernel 4.8 \n * Linux kernel 4.8 rc1 \n * Linux kernel 4.8.1 \n * Linux kernel 4.8.11 \n * Linux kernel 4.8.12 \n * Linux kernel 4.8.13 \n * Linux kernel 4.8.14 \n * Linux kernel 4.8.3 \n * Linux kernel 4.8.6 \n * Linux kernel 4.8.7 \n * Linux kernel 4.9 \n * Linux kernel 4.9-rc1 \n * Linux kernel 4.9-rc3 \n * Linux kernel 4.9-rc4 \n * Linux kernel 4.9-rc8 \n * Linux kernel 4.9.11 \n * Linux kernel 4.9.128 \n * Linux kernel 4.9.13 \n * Linux kernel 4.9.135 \n * Linux kernel 4.9.166 \n * Linux kernel 4.9.177 \n * Linux kernel 4.9.3 \n * Linux kernel 4.9.36 \n * Linux kernel 4.9.4 \n * Linux kernel 4.9.68 \n * Linux kernel 4.9.71 \n * Linux kernel 4.9.74 \n * Linux kernel 4.9.8 \n * Linux kernel 4.9.9 \n * Linux kernel 4.9.91 \n * Linux kernel 5.0 \n * Linux kernel 5.0.10 \n * Linux kernel 5.0.11 \n * Linux kernel 5.0.14 \n * Linux kernel 5.0.15 \n * Linux kernel 5.0.17 \n * Linux kernel 5.0.2 \n * Linux kernel 5.0.4 \n * Linux kernel 5.0.7 \n * Linux kernel 5.0.8 \n * Linux kernel 5.0.9 \n * Linux kernel 5.0rc6 \n\n### Recommendations\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity such as unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-11-22T00:00:00", "type": "symantec", "title": "Linux Kernel CVE-2019-19227 Null Pointer Dereference Multiple Denial of Service Vulnerabilities", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-19227"], "modified": "2019-11-22T00:00:00", "id": "SMNTC-110961", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/110961", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T19:02:11", "description": "### Description\n\nLinux Kernel is prone to multiple denial-of-service vulnerabilities. Successful exploitation of these issues may cause excessive memory consumption, resulting in denial-of-service conditions. Linux kernel versions through 5.3.11 are vulnerable.\n\n### Technologies Affected\n\n * Linux kernel 2.6.0 \n * Linux kernel 2.6.1 \n * Linux kernel 2.6.11 .11 \n * Linux kernel 2.6.11 .12 \n * Linux kernel 2.6.11 .4 \n * Linux kernel 2.6.11 .5 \n * Linux kernel 2.6.11 .6 \n * Linux kernel 2.6.11 .7 \n * Linux kernel 2.6.11 .8 \n * Linux kernel 2.6.11 \n * Linux kernel 2.6.11.1 \n * Linux kernel 2.6.11.10 \n * Linux kernel 2.6.11.11 \n * Linux kernel 2.6.11.12 \n * Linux kernel 2.6.11.2 \n * Linux kernel 2.6.11.3 \n * Linux kernel 2.6.11.4 \n * Linux kernel 2.6.11.5 \n * Linux kernel 2.6.11.6 \n * Linux kernel 2.6.11.7 \n * Linux kernel 2.6.11.8 \n * Linux kernel 2.6.11.9 \n * Linux kernel 2.6.12 .1 \n * Linux kernel 2.6.12 .12 \n * Linux kernel 2.6.12 .2 \n * Linux kernel 2.6.12 .22 \n * Linux kernel 2.6.12 .3 \n * Linux kernel 2.6.12 .4 \n * Linux kernel 2.6.12 .5 \n * Linux kernel 2.6.12 .6 \n * Linux kernel 2.6.12 \n * Linux kernel 2.6.12.1 \n * Linux kernel 2.6.12.2 \n * Linux kernel 2.6.12.3 \n * Linux kernel 2.6.12.4 \n * Linux kernel 2.6.12.5 \n * Linux kernel 2.6.12.6 \n * Linux kernel 2.6.13 .1 \n * Linux kernel 2.6.13 .2 \n * Linux kernel 2.6.13 .3 \n * Linux kernel 2.6.13 .4 \n * Linux kernel 2.6.13 \n * Linux kernel 2.6.13.2 \n * Linux kernel 2.6.13.3 \n * Linux kernel 2.6.13.4 \n * Linux kernel 2.6.13.5 \n * Linux kernel 2.6.14 .1 \n * Linux kernel 2.6.14 .2 \n * Linux kernel 2.6.14 .3 \n * Linux kernel 2.6.14 \n * Linux kernel 2.6.14.1 \n * Linux kernel 2.6.14.2 \n * Linux kernel 2.6.14.3 \n * Linux kernel 2.6.14.4 \n * Linux kernel 2.6.14.5 \n * Linux kernel 2.6.14.6 \n * Linux kernel 2.6.14.7 \n * Linux kernel 2.6.15 .4 \n * Linux kernel 2.6.15 \n * Linux kernel 2.6.15.1 \n * Linux kernel 2.6.15.11 \n * Linux kernel 2.6.15.2 \n * Linux kernel 2.6.15.3 \n * Linux kernel 2.6.15.4 \n * Linux kernel 2.6.15.5 \n * Linux kernel 2.6.15.6 \n * Linux kernel 2.6.15.7 \n * Linux kernel 2.6.16 .1 \n * Linux kernel 2.6.16 .11 \n * Linux kernel 2.6.16 .12 \n * Linux kernel 2.6.16 .19 \n * Linux kernel 2.6.16 .23 \n * Linux kernel 2.6.16 .7 \n * Linux kernel 2.6.16 .9 \n * Linux kernel 2.6.16 13 \n * Linux kernel 2.6.16 27 \n * Linux kernel 2.6.16 \n * Linux kernel 2.6.16.10 \n * Linux kernel 2.6.16.11 \n * Linux kernel 2.6.16.12 \n * Linux kernel 2.6.16.13 \n * Linux kernel 2.6.16.14 \n * Linux kernel 2.6.16.15 \n * Linux kernel 2.6.16.16 \n * Linux kernel 2.6.16.17 \n * Linux kernel 2.6.16.18 \n * Linux kernel 2.6.16.19 \n * Linux kernel 2.6.16.2 \n * Linux kernel 2.6.16.20 \n * Linux kernel 2.6.16.21 \n * Linux kernel 2.6.16.22 \n * Linux kernel 2.6.16.24 \n * Linux kernel 2.6.16.25 \n * Linux kernel 2.6.16.26 \n * Linux kernel 2.6.16.27 \n * Linux kernel 2.6.16.28 \n * Linux kernel 2.6.16.29 \n * Linux kernel 2.6.16.3 \n * Linux kernel 2.6.16.30 \n * Linux kernel 2.6.16.31 \n * Linux kernel 2.6.16.32 \n * Linux kernel 2.6.16.33 \n * Linux kernel 2.6.16.34 \n * Linux kernel 2.6.16.35 \n * Linux kernel 2.6.16.36 \n * Linux kernel 2.6.16.37 \n * Linux kernel 2.6.16.38 \n * Linux kernel 2.6.16.39 \n * Linux kernel 2.6.16.4 \n * Linux kernel 2.6.16.40 \n * Linux kernel 2.6.16.41 \n * Linux kernel 2.6.16.43 \n * Linux kernel 2.6.16.44 \n * Linux kernel 2.6.16.45 \n * Linux kernel 2.6.16.46 \n * Linux kernel 2.6.16.47 \n * Linux kernel 2.6.16.48 \n * Linux kernel 2.6.16.49 \n * Linux kernel 2.6.16.5 \n * Linux kernel 2.6.16.50 \n * Linux kernel 2.6.16.51 \n * Linux kernel 2.6.16.52 \n * Linux kernel 2.6.16.53 \n * Linux kernel 2.6.16.6 \n * Linux kernel 2.6.16.7 \n * Linux kernel 2.6.16.8 \n * Linux kernel 2.6.16.9 \n * Linux kernel 2.6.17 .8 \n * Linux kernel 2.6.17 \n * Linux kernel 2.6.17.1 \n * Linux kernel 2.6.17.10 \n * Linux kernel 2.6.17.11 \n * Linux kernel 2.6.17.12 \n * Linux kernel 2.6.17.13 \n * Linux kernel 2.6.17.14 \n * Linux kernel 2.6.17.2 \n * Linux kernel 2.6.17.3 \n * Linux kernel 2.6.17.4 \n * Linux kernel 2.6.17.5 \n * Linux kernel 2.6.17.6 \n * Linux kernel 2.6.17.7 \n * Linux kernel 2.6.17.9 \n * Linux kernel 2.6.18 .1 \n * Linux kernel 2.6.18 \n * Linux kernel 2.6.18.2 \n * Linux kernel 2.6.18.3 \n * Linux kernel 2.6.18.4 \n * Linux kernel 2.6.18.5 \n * Linux kernel 2.6.18.6 \n * Linux kernel 2.6.18.7 \n * Linux kernel 2.6.18.8 \n * Linux kernel 2.6.19 \n * Linux kernel 2.6.19.1 \n * Linux kernel 2.6.19.2 \n * Linux kernel 2.6.19.3 \n * Linux kernel 2.6.19.4 \n * Linux kernel 2.6.2 \n * Linux kernel 2.6.20 \n * Linux kernel 2.6.20-2 \n * Linux kernel 2.6.20.1 \n * Linux kernel 2.6.20.10 \n * Linux kernel 2.6.20.11 \n * Linux kernel 2.6.20.12 \n * Linux kernel 2.6.20.13 \n * Linux kernel 2.6.20.14 \n * Linux kernel 2.6.20.15 \n * Linux kernel 2.6.20.2 \n * Linux kernel 2.6.20.3 \n * Linux kernel 2.6.20.4 \n * Linux kernel 2.6.20.5 \n * Linux kernel 2.6.20.6 \n * Linux kernel 2.6.20.7 \n * Linux kernel 2.6.20.8 \n * Linux kernel 2.6.20.9 \n * Linux kernel 2.6.21 .1 \n * Linux kernel 2.6.21 4 \n * Linux kernel 2.6.21 \n * Linux kernel 2.6.21.2 \n * Linux kernel 2.6.21.3 \n * Linux kernel 2.6.21.6 \n * Linux kernel 2.6.21.7 \n * Linux kernel 2.6.22 \n * Linux kernel 2.6.22.1 \n * Linux kernel 2.6.22.11 \n * Linux kernel 2.6.22.12 \n * Linux kernel 2.6.22.13 \n * Linux kernel 2.6.22.14 \n * Linux kernel 2.6.22.15 \n * Linux kernel 2.6.22.16 \n * Linux kernel 2.6.22.17 \n * Linux kernel 2.6.23.1 \n * Linux kernel 2.6.23.10 \n * Linux kernel 2.6.23.14 \n * Linux kernel 2.6.23.2 \n * Linux kernel 2.6.23.3 \n * Linux kernel 2.6.23.4 \n * Linux kernel 2.6.23.5 \n * Linux kernel 2.6.23.6 \n * Linux kernel 2.6.24 \n * Linux kernel 2.6.24.1 \n * Linux kernel 2.6.24.2 \n * Linux kernel 2.6.25 19 \n * Linux kernel 2.6.25.1 \n * Linux kernel 2.6.25.2 \n * Linux kernel 2.6.25.3 \n * Linux kernel 2.6.25.4 \n * Linux kernel 2.6.25.6 \n * Linux kernel 2.6.25.7 \n * Linux kernel 2.6.25.8 \n * Linux kernel 2.6.25.9 \n * Linux kernel 2.6.26 7 \n * Linux kernel 2.6.26 \n * Linux kernel 2.6.26.3 \n * Linux kernel 2.6.26.4 \n * Linux kernel 2.6.26.5 \n * Linux kernel 2.6.26.6 \n * Linux kernel 2.6.27.12 \n * Linux kernel 2.6.27.13 \n * Linux kernel 2.6.27.14 \n * Linux kernel 2.6.27.24 \n * Linux kernel 2.6.27.46 \n * Linux kernel 2.6.27.8 \n * Linux kernel 2.6.28.1 \n * Linux kernel 2.6.28.2 \n * Linux kernel 2.6.28.3 \n * Linux kernel 2.6.28.4 \n * Linux kernel 2.6.28.5 \n * Linux kernel 2.6.28.6 \n * Linux kernel 2.6.28.8 \n * Linux kernel 2.6.29 \n * Linux kernel 2.6.29.1 \n * Linux kernel 2.6.29.4 \n * Linux kernel 2.6.3 \n * Linux kernel 2.6.30 \n * Linux kernel 2.6.30.1 \n * Linux kernel 2.6.30.10 \n * Linux kernel 2.6.30.3 \n * Linux kernel 2.6.30.4 \n * Linux kernel 2.6.30.5 \n * Linux kernel 2.6.31 \n * Linux kernel 2.6.31.1 \n * Linux kernel 2.6.31.11 \n * Linux kernel 2.6.31.13 \n * Linux kernel 2.6.31.2 \n * Linux kernel 2.6.31.4 \n * Linux kernel 2.6.31.5 \n * Linux kernel 2.6.31.6 \n * Linux kernel 2.6.32 \n * Linux kernel 2.6.32.1 \n * Linux kernel 2.6.32.10 \n * Linux kernel 2.6.32.11 \n * Linux kernel 2.6.32.12 \n * Linux kernel 2.6.32.13 \n * Linux kernel 2.6.32.14 \n * Linux kernel 2.6.32.15 \n * Linux kernel 2.6.32.16 \n * Linux kernel 2.6.32.17 \n * Linux kernel 2.6.32.18 \n * Linux kernel 2.6.32.2 \n * Linux kernel 2.6.32.22 \n * Linux kernel 2.6.32.28 \n * Linux kernel 2.6.32.3 \n * Linux kernel 2.6.32.4 \n * Linux kernel 2.6.32.5 \n * Linux kernel 2.6.32.6 \n * Linux kernel 2.6.32.60 \n * Linux kernel 2.6.32.61 \n * Linux kernel 2.6.32.62 \n * Linux kernel 2.6.32.7 \n * Linux kernel 2.6.32.8 \n * Linux kernel 2.6.32.9 \n * Linux kernel 3.0 \n * Linux kernel 3.0.1 \n * Linux kernel 3.0.18 \n * Linux kernel 3.0.2 \n * Linux kernel 3.0.34 \n * Linux kernel 3.0.37 \n * Linux kernel 3.0.4 \n * Linux kernel 3.0.5 \n * Linux kernel 3.0.58 \n * Linux kernel 3.0.59 \n * Linux kernel 3.0.60 \n * Linux kernel 3.0.62 \n * Linux kernel 3.0.65 \n * Linux kernel 3.0.66 \n * Linux kernel 3.0.69 \n * Linux kernel 3.0.72 \n * Linux kernel 3.0.75 \n * Linux kernel 3.0.98 \n * Linux kernel 3.1 \n * Linux kernel 3.1.8 \n * Linux kernel 3.10 \n * Linux kernel 3.10.0 \n * Linux kernel 3.10.10 \n * Linux kernel 3.10.14 \n * Linux kernel 3.10.17 \n * Linux kernel 3.10.20 \n * Linux kernel 3.10.21 \n * Linux kernel 3.10.22 \n * Linux kernel 3.10.23 \n * Linux kernel 3.10.26 \n * Linux kernel 3.10.27 \n * Linux kernel 3.10.30 \n * Linux kernel 3.10.31 \n * Linux kernel 3.10.36 \n * Linux kernel 3.10.37 \n * Linux kernel 3.10.38 \n * Linux kernel 3.10.41 \n * Linux kernel 3.10.43 \n * Linux kernel 3.10.45 \n * Linux kernel 3.10.5 \n * Linux kernel 3.10.7 \n * Linux kernel 3.10.73 \n * Linux kernel 3.10.81 \n * Linux kernel 3.10.9 \n * Linux kernel 3.10.90 \n * Linux kernel 3.11 \n * Linux kernel 3.11.3 \n * Linux kernel 3.11.6 \n * Linux kernel 3.11.9 \n * Linux kernel 3.12 \n * Linux kernel 3.12.1 \n * Linux kernel 3.12.11 \n * Linux kernel 3.12.12 \n * Linux kernel 3.12.14 \n * Linux kernel 3.12.15 \n * Linux kernel 3.12.16 \n * Linux kernel 3.12.17 \n * Linux kernel 3.12.18 \n * Linux kernel 3.12.2 \n * Linux kernel 3.12.21 \n * Linux kernel 3.12.22 \n * Linux kernel 3.12.3 \n * Linux kernel 3.12.4 \n * Linux kernel 3.12.40 \n * Linux kernel 3.12.44 \n * Linux kernel 3.12.48 \n * Linux kernel 3.12.49 \n * Linux kernel 3.12.7 \n * Linux kernel 3.13 \n * Linux kernel 3.13.0 \n * Linux kernel 3.13.1 \n * Linux kernel 3.13.11 \n * Linux kernel 3.13.3 \n * Linux kernel 3.13.4 \n * Linux kernel 3.13.5 \n * Linux kernel 3.13.6 \n * Linux kernel 3.13.7 \n * Linux kernel 3.13.9 \n * Linux kernel 3.14 \n * Linux kernel 3.14-1 \n * Linux kernel 3.14-4 \n * Linux kernel 3.14.2 \n * Linux kernel 3.14.3 \n * Linux kernel 3.14.37 \n * Linux kernel 3.14.4 \n * Linux kernel 3.14.45 \n * Linux kernel 3.14.5 \n * Linux kernel 3.14.54 \n * Linux kernel 3.14.7 \n * Linux kernel 3.14.73 \n * Linux kernel 3.14.79 \n * Linux kernel 3.15 \n * Linux kernel 3.15.10 \n * Linux kernel 3.15.2 \n * Linux kernel 3.15.5 \n * Linux kernel 3.16 \n * Linux kernel 3.16.0-28 \n * Linux kernel 3.16.1 \n * Linux kernel 3.16.2 \n * Linux kernel 3.16.36 \n * Linux kernel 3.16.6 \n * Linux kernel 3.16.7 \n * Linux kernel 3.17 \n * Linux kernel 3.17.2 \n * Linux kernel 3.17.4 \n * Linux kernel 3.17.6 \n * Linux kernel 3.18 \n * Linux kernel 3.18.1 \n * Linux kernel 3.18.11 \n * Linux kernel 3.18.17 \n * Linux kernel 3.18.2 \n * Linux kernel 3.18.22 \n * Linux kernel 3.18.3 \n * Linux kernel 3.18.7 \n * Linux kernel 3.18.8 \n * Linux kernel 3.18.9 \n * Linux kernel 3.19 \n * Linux kernel 3.19.3 \n * Linux kernel 3.2 \n * Linux kernel 3.2.1 \n * Linux kernel 3.2.12 \n * Linux kernel 3.2.13 \n * Linux kernel 3.2.2 \n * Linux kernel 3.2.23 \n * Linux kernel 3.2.24 \n * Linux kernel 3.2.38 \n * Linux kernel 3.2.42 \n * Linux kernel 3.2.44 \n * Linux kernel 3.2.50 \n * Linux kernel 3.2.51 \n * Linux kernel 3.2.52 \n * Linux kernel 3.2.53 \n * Linux kernel 3.2.54 \n * Linux kernel 3.2.55 \n * Linux kernel 3.2.56 \n * Linux kernel 3.2.57 \n * Linux kernel 3.2.60 \n * Linux kernel 3.2.62 \n * Linux kernel 3.2.63 \n * Linux kernel 3.2.72 \n * Linux kernel 3.2.78 \n * Linux kernel 3.2.81 \n * Linux kernel 3.2.82 \n * Linux kernel 3.2.9 \n * Linux kernel 3.3 \n * Linux kernel 3.3.2 \n * Linux kernel 3.3.4 \n * Linux kernel 3.3.5 \n * Linux kernel 3.4 \n * Linux kernel 3.4.1 \n * Linux kernel 3.4.10 \n * Linux kernel 3.4.11 \n * Linux kernel 3.4.12 \n * Linux kernel 3.4.13 \n * Linux kernel 3.4.14 \n * Linux kernel 3.4.15 \n * Linux kernel 3.4.16 \n * Linux kernel 3.4.17 \n * Linux kernel 3.4.18 \n * Linux kernel 3.4.19 \n * Linux kernel 3.4.2 \n * Linux kernel 3.4.20 \n * Linux kernel 3.4.21 \n * Linux kernel 3.4.25 \n * Linux kernel 3.4.26 \n * Linux kernel 3.4.27 \n * Linux kernel 3.4.29 \n * Linux kernel 3.4.3 \n * Linux kernel 3.4.31 \n * Linux kernel 3.4.32 \n * Linux kernel 3.4.36 \n * Linux kernel 3.4.4 \n * Linux kernel 3.4.42 \n * Linux kernel 3.4.5 \n * Linux kernel 3.4.58 \n * Linux kernel 3.4.6 \n * Linux kernel 3.4.64 \n * Linux kernel 3.4.67 \n * Linux kernel 3.4.7 \n * Linux kernel 3.4.70 \n * Linux kernel 3.4.71 \n * Linux kernel 3.4.72 \n * Linux kernel 3.4.73 \n * Linux kernel 3.4.76 \n * Linux kernel 3.4.8 \n * Linux kernel 3.4.80 \n * Linux kernel 3.4.81 \n * Linux kernel 3.4.86 \n * Linux kernel 3.4.87 \n * Linux kernel 3.4.88 \n * Linux kernel 3.4.9 \n * Linux kernel 3.4.93 \n * Linux kernel 3.5 \n * Linux kernel 3.5.1 \n * Linux kernel 3.5.2 \n * Linux kernel 3.5.3 \n * Linux kernel 3.5.4 \n * Linux kernel 3.5.5 \n * Linux kernel 3.5.6 \n * Linux kernel 3.5.7 \n * Linux kernel 3.6 \n * Linux kernel 3.6.1 \n * Linux kernel 3.6.10 \n * Linux kernel 3.6.11 \n * Linux kernel 3.6.2 \n * Linux kernel 3.6.3 \n * Linux kernel 3.6.4 \n * Linux kernel 3.6.5 \n * Linux kernel 3.6.6 \n * Linux kernel 3.6.7 \n * Linux kernel 3.6.8 \n * Linux kernel 3.6.9 \n * Linux kernel 3.7 \n * Linux kernel 3.7.1 \n * Linux kernel 3.7.10 \n * Linux kernel 3.7.2 \n * Linux kernel 3.7.3 \n * Linux kernel 3.7.4 \n * Linux kernel 3.7.5 \n * Linux kernel 3.7.6 \n * Linux kernel 3.7.7 \n * Linux kernel 3.7.8 \n * Linux kernel 3.7.9 \n * Linux kernel 3.8 \n * Linux kernel 3.8.1 \n * Linux kernel 3.8.2 \n * Linux kernel 3.8.4 \n * Linux kernel 3.8.5 \n * Linux kernel 3.8.6 \n * Linux kernel 3.8.9 \n * Linux kernel 3.9 \n * Linux kernel 3.9.4 \n * Linux kernel 3.9.8 \n * Linux kernel 4.0 \n * Linux kernel 4.0.5 \n * Linux kernel 4.0.6 \n * Linux kernel 4.1 \n * Linux kernel 4.1.1 \n * Linux kernel 4.1.15 \n * Linux kernel 4.1.4 \n * Linux kernel 4.10.0 \n * Linux kernel 4.10.1 \n * Linux kernel 4.10.10 \n * Linux kernel 4.10.11 \n * Linux kernel 4.10.12 \n * Linux kernel 4.10.13 \n * Linux kernel 4.10.2 \n * Linux kernel 4.10.3 \n * Linux kernel 4.10.4 \n * Linux kernel 4.15 \n * Linux kernel 4.15.11 \n * Linux kernel 4.15.14 \n * Linux kernel 4.15.16 \n * Linux kernel 4.15.4 \n * Linux kernel 4.15.7 \n * Linux kernel 4.15.8 \n * Linux kernel 4.15.9 \n * Linux kernel 4.16 \n * Linux kernel 4.16.11 \n * Linux kernel 4.16.3 \n * Linux kernel 4.16.6 \n * Linux kernel 4.16.9 \n * Linux kernel 4.17 \n * Linux kernel 4.17.1 \n * Linux kernel 4.17.10 \n * Linux kernel 4.17.11 \n * Linux kernel 4.17.2 \n * Linux kernel 4.17.3 \n * Linux kernel 4.17.4 \n * Linux kernel 4.17.7 \n * Linux kernel 4.18 \n * Linux kernel 4.18.1 \n * Linux kernel 4.18.11 \n * Linux kernel 4.18.12 \n * Linux kernel 4.18.16 \n * Linux kernel 4.18.5 \n * Linux kernel 4.18.6 \n * Linux kernel 4.18.9 \n * Linux kernel 4.19 \n * Linux kernel 4.19.13 \n * Linux kernel 4.19.19 \n * Linux kernel 4.19.2 \n * Linux kernel 4.19.23 \n * Linux kernel 4.19.3 \n * Linux kernel 4.19.6 \n * Linux kernel 4.19.8 \n * Linux kernel 4.2 \n * Linux kernel 4.2.3 \n * Linux kernel 4.2.8 \n * Linux kernel 4.20.10 \n * Linux kernel 4.20.12 \n * Linux kernel 4.20.14 \n * Linux kernel 4.20.2 \n * Linux kernel 4.20.5 \n * Linux kernel 4.20.6 \n * Linux kernel 4.20.8 \n * Linux kernel 4.3.3 \n * Linux kernel 5.0 \n * Linux kernel 5.0.1 \n * Linux kernel 5.0.10 \n * Linux kernel 5.0.11 \n * Linux kernel 5.0.14 \n * Linux kernel 5.0.15 \n * Linux kernel 5.0.17 \n * Linux kernel 5.0.2 \n * Linux kernel 5.0.3 \n * Linux kernel 5.0.4 \n * Linux kernel 5.0.5 \n * Linux kernel 5.0.6 \n * Linux kernel 5.0.7 \n * Linux kernel 5.0.8 \n * Linux kernel 5.0.9 \n * Linux kernel 5.0rc6 \n * Linux kernel 5.1-rc1 \n * Linux kernel 5.1-rc5 \n * Linux kernel 5.1-rc6 \n * Linux kernel 5.1.12 \n * Linux kernel 5.1.13 \n * Linux kernel 5.1.14 \n * Linux kernel 5.1.15 \n * Linux kernel 5.1.17 \n * Linux kernel 5.1.2 \n * Linux kernel 5.1.3 \n * Linux kernel 5.1.5 \n * Linux kernel 5.1.6 \n * Linux kernel 5.1.7 \n * Linux kernel 5.1.8 \n * Linux kernel 5.1.9 \n * Linux kernel 5.2.1 \n * Linux kernel 5.2.13 \n * Linux kernel 5.2.14 \n * Linux kernel 5.2.17 \n * Linux kernel 5.2.2 \n * Linux kernel 5.2.3 \n * Linux kernel 5.2.6 \n * Linux kernel 5.2.8 \n * Linux kernel 5.2.9 \n * Linux kernel 5.3 \n * Linux kernel 5.3.1 \n * Linux kernel 5.3.10 \n * Linux kernel 5.3.11 \n * Linux kernel 5.3.2 \n * Linux kernel 5.3.4 \n * Linux kernel 5.3.5 \n * Linux kernel 5.3.6 \n * Linux kernel 5.3.7 \n * Linux kernel 5.3.8 \n * Linux kernel 5.3.9 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nFilter access to the affected computer at the network boundary if global access isn't needed. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo limit the potential damage that successful exploits may achieve, run all nonadministrative software as an unprivileged user.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This may indicate exploit attempts or activity that results from successful exploits.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-09-14T00:00:00", "type": "symantec", "title": "Linux Kernel Multiple Memory Leak Denial of Service Vulnerabilities", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-19054", "CVE-2019-19057", "CVE-2019-19058", "CVE-2019-19062", "CVE-2019-19053", "CVE-2019-19064", "CVE-2019-19082", "CVE-2019-19059", "CVE-2019-19078", "CVE-2019-19055", "CVE-2019-19043", "CVE-2019-19063", "CVE-2019-19066", "CVE-2019-19068", "CVE-2019-19050", "CVE-2019-19071", "CVE-2019-19073", "CVE-2019-19077", "CVE-2019-19070", "CVE-2019-19046", "CVE-2019-19074", "CVE-2019-19056", "CVE-2019-19072"], "modified": "2019-09-14T00:00:00", "id": "SMNTC-110895", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/110895", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-06-08T19:02:21", "description": "### Description\n\nLinux Kernel is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. Linux Kernel versions prior to 5.1 are vulnerable.\n\n### Technologies Affected\n\n * Linux kernel 3.0 \n * Linux kernel 3.0-rc1 \n * Linux kernel 3.0.1 \n * Linux kernel 3.0.18 \n * Linux kernel 3.0.2 \n * Linux kernel 3.0.34 \n * Linux kernel 3.0.37 \n * Linux kernel 3.0.4 \n * Linux kernel 3.0.5 \n * Linux kernel 3.0.58 \n * Linux kernel 3.0.59 \n * Linux kernel 3.0.60 \n * Linux kernel 3.0.62 \n * Linux kernel 3.0.65 \n * Linux kernel 3.0.66 \n * Linux kernel 3.0.69 \n * Linux kernel 3.0.72 \n * Linux kernel 3.0.75 \n * Linux kernel 3.0.98 \n * Linux kernel 3.1 \n * Linux kernel 3.1-rc1 \n * Linux kernel 3.1.8 \n * Linux kernel 3.10 \n * Linux kernel 3.10-rc5 \n * Linux kernel 3.10.0 \n * Linux kernel 3.10.10 \n * Linux kernel 3.10.14 \n * Linux kernel 3.10.17 \n * Linux kernel 3.10.20 \n * Linux kernel 3.10.21 \n * Linux kernel 3.10.22 \n * Linux kernel 3.10.23 \n * Linux kernel 3.10.26 \n * Linux kernel 3.10.27 \n * Linux kernel 3.10.30 \n * Linux kernel 3.10.31 \n * Linux kernel 3.10.36 \n * Linux kernel 3.10.37 \n * Linux kernel 3.10.38 \n * Linux kernel 3.10.41 \n * Linux kernel 3.10.43 \n * Linux kernel 3.10.45 \n * Linux kernel 3.10.5 \n * Linux kernel 3.10.7 \n * Linux kernel 3.10.73 \n * Linux kernel 3.10.81 \n * Linux kernel 3.10.9 \n * Linux kernel 3.10.90 \n * Linux kernel 3.11 \n * Linux kernel 3.11-rc1 \n * Linux kernel 3.11-rc4 \n * Linux kernel 3.11-rc7 \n * Linux kernel 3.11.3 \n * Linux kernel 3.11.6 \n * Linux kernel 3.11.9 \n * Linux kernel 3.12 \n * Linux kernel 3.12.1 \n * Linux kernel 3.12.11 \n * Linux kernel 3.12.12 \n * Linux kernel 3.12.14 \n * Linux kernel 3.12.15 \n * Linux kernel 3.12.16 \n * Linux kernel 3.12.17 \n * Linux kernel 3.12.18 \n * Linux kernel 3.12.2 \n * Linux kernel 3.12.21 \n * Linux kernel 3.12.22 \n * Linux kernel 3.12.3 \n * Linux kernel 3.12.4 \n * Linux kernel 3.12.40 \n * Linux kernel 3.12.44 \n * Linux kernel 3.12.48 \n * Linux kernel 3.12.49 \n * Linux kernel 3.12.7 \n * Linux kernel 3.13 \n * Linux kernel 3.13-rc1 \n * Linux kernel 3.13.0 \n * Linux kernel 3.13.1 \n * Linux kernel 3.13.11 \n * Linux kernel 3.13.3 \n * Linux kernel 3.13.4 \n * Linux kernel 3.13.5 \n * Linux kernel 3.13.6 \n * Linux kernel 3.13.7 \n * Linux kernel 3.13.9 \n * Linux kernel 3.14 \n * Linux kernel 3.14-1 \n * Linux kernel 3.14-4 \n * Linux kernel 3.14-rc1 \n * Linux kernel 3.14-rc2 \n * Linux kernel 3.14-rc3 \n * Linux kernel 3.14-rc4 \n * Linux kernel 3.14-rc5 \n * Linux kernel 3.14-rc7 \n * Linux kernel 3.14.2 \n * Linux kernel 3.14.3 \n * Linux kernel 3.14.37 \n * Linux kernel 3.14.4 \n * Linux kernel 3.14.45 \n * Linux kernel 3.14.5 \n * Linux kernel 3.14.54 \n * Linux kernel 3.14.7 \n * Linux kernel 3.14.73 \n * Linux kernel 3.14.79 \n * Linux kernel 3.15 \n * Linux kernel 3.15-rc1 \n * Linux kernel 3.15-rc2 \n * Linux kernel 3.15-rc3 \n * Linux kernel 3.15.10 \n * Linux kernel 3.15.2 \n * Linux kernel 3.15.5 \n * Linux kernel 3.16 \n * Linux kernel 3.16.0-28 \n * Linux kernel 3.16.1 \n * Linux kernel 3.16.2 \n * Linux kernel 3.16.36 \n * Linux kernel 3.16.58 \n * Linux kernel 3.16.6 \n * Linux kernel 3.16.7 \n * Linux kernel 3.17 \n * Linux kernel 3.17-rc3 \n * Linux kernel 3.17.2 \n * Linux kernel 3.17.4 \n * Linux kernel 3.17.6 \n * Linux kernel 3.18 \n * Linux kernel 3.18.1 \n * Linux kernel 3.18.11 \n * Linux kernel 3.18.137 \n * Linux kernel 3.18.140 \n * Linux kernel 3.18.17 \n * Linux kernel 3.18.2 \n * Linux kernel 3.18.22 \n * Linux kernel 3.18.3 \n * Linux kernel 3.18.7 \n * Linux kernel 3.18.8 \n * Linux kernel 3.18.9 \n * Linux kernel 3.19 \n * Linux kernel 3.19-rc \n * Linux kernel 3.19-rc2 \n * Linux kernel 3.19-rc7 \n * Linux kernel 3.19.2 \n * Linux kernel 3.19.3 \n * Linux kernel 3.2 \n * Linux kernel 3.2.1 \n * Linux kernel 3.2.12 \n * Linux kernel 3.2.13 \n * Linux kernel 3.2.2 \n * Linux kernel 3.2.23 \n * Linux kernel 3.2.24 \n * Linux kernel 3.2.38 \n * Linux kernel 3.2.42 \n * Linux kernel 3.2.44 \n * Linux kernel 3.2.50 \n * Linux kernel 3.2.51 \n * Linux kernel 3.2.52 \n * Linux kernel 3.2.53 \n * Linux kernel 3.2.54 \n * Linux kernel 3.2.55 \n * Linux kernel 3.2.56 \n * Linux kernel 3.2.57 \n * Linux kernel 3.2.60 \n * Linux kernel 3.2.62 \n * Linux kernel 3.2.63 \n * Linux kernel 3.2.63-2 \n * Linux kernel 3.2.64 \n * Linux kernel 3.2.65 \n * Linux kernel 3.2.72 \n * Linux kernel 3.2.78 \n * Linux kernel 3.2.81 \n * Linux kernel 3.2.82 \n * Linux kernel 3.2.9 \n * Linux kernel 3.3 \n * Linux kernel 3.3-rc1 \n * Linux kernel 3.3.2 \n * Linux kernel 3.3.4 \n * Linux kernel 3.3.5 \n * Linux kernel 3.4 \n * Linux kernel 3.4.1 \n * Linux kernel 3.4.10 \n * Linux kernel 3.4.11 \n * Linux kernel 3.4.12 \n * Linux kernel 3.4.13 \n * Linux kernel 3.4.14 \n * Linux kernel 3.4.15 \n * Linux kernel 3.4.16 \n * Linux kernel 3.4.17 \n * Linux kernel 3.4.18 \n * Linux kernel 3.4.19 \n * Linux kernel 3.4.2 \n * Linux kernel 3.4.20 \n * Linux kernel 3.4.21 \n * Linux kernel 3.4.25 \n * Linux kernel 3.4.26 \n * Linux kernel 3.4.27 \n * Linux kernel 3.4.29 \n * Linux kernel 3.4.3 \n * Linux kernel 3.4.31 \n * Linux kernel 3.4.32 \n * Linux kernel 3.4.36 \n * Linux kernel 3.4.4 \n * Linux kernel 3.4.42 \n * Linux kernel 3.4.5 \n * Linux kernel 3.4.58 \n * Linux kernel 3.4.6 \n * Linux kernel 3.4.64 \n * Linux kernel 3.4.67 \n * Linux kernel 3.4.7 \n * Linux kernel 3.4.70 \n * Linux kernel 3.4.71 \n * Linux kernel 3.4.72 \n * Linux kernel 3.4.73 \n * Linux kernel 3.4.76 \n * Linux kernel 3.4.8 \n * Linux kernel 3.4.80 \n * Linux kernel 3.4.81 \n * Linux kernel 3.4.86 \n * Linux kernel 3.4.87 \n * Linux kernel 3.4.88 \n * Linux kernel 3.4.9 \n * Linux kernel 3.4.93 \n * Linux kernel 3.5 \n * Linux kernel 3.5-rc1 \n * Linux kernel 3.5.1 \n * Linux kernel 3.5.2 \n * Linux kernel 3.5.3 \n * Linux kernel 3.5.4 \n * Linux kernel 3.5.5 \n * Linux kernel 3.5.6 \n * Linux kernel 3.5.7 \n * Linux kernel 3.6 \n * Linux kernel 3.6-rc1 \n * Linux kernel 3.6.1 \n * Linux kernel 3.6.10 \n * Linux kernel 3.6.11 \n * Linux kernel 3.6.2 \n * Linux kernel 3.6.3 \n * Linux kernel 3.6.4 \n * Linux kernel 3.6.5 \n * Linux kernel 3.6.6 \n * Linux kernel 3.6.7 \n * Linux kernel 3.6.8 \n * Linux kernel 3.6.9 \n * Linux kernel 3.7 \n * Linux kernel 3.7-rc1 \n * Linux kernel 3.7.1 \n * Linux kernel 3.7.10 \n * Linux kernel 3.7.2 \n * Linux kernel 3.7.3 \n * Linux kernel 3.7.4 \n * Linux kernel 3.7.5 \n * Linux kernel 3.7.6 \n * Linux kernel 3.7.7 \n * Linux kernel 3.7.8 \n * Linux kernel 3.7.9 \n * Linux kernel 3.8 \n * Linux kernel 3.8-rc1 \n * Linux kernel 3.8.1 \n * Linux kernel 3.8.2 \n * Linux kernel 3.8.4 \n * Linux kernel 3.8.5 \n * Linux kernel 3.8.6 \n * Linux kernel 3.8.9 \n * Linux kernel 3.9 \n * Linux kernel 3.9-rc1 \n * Linux kernel 3.9-rc3 \n * Linux kernel 3.9-rc7 \n * Linux kernel 3.9-rc8 \n * Linux kernel 3.9.4 \n * Linux kernel 3.9.8 \n * Linux kernel 4.0 \n * Linux kernel 4.0-rc1 \n * Linux kernel 4.0.5 \n * Linux kernel 4.0.6 \n * Linux kernel 4.1 \n * Linux kernel 4.1-rc1 \n * Linux kernel 4.1-rc3 \n * Linux kernel 4.1-rc6 \n * Linux kernel 4.1-rc7 \n * Linux kernel 4.1.1 \n * Linux kernel 4.1.15 \n * Linux kernel 4.1.4 \n * Linux kernel 4.1.47 \n * Linux kernel 4.10-rc1 \n * Linux kernel 4.10-rc8 \n * Linux kernel 4.10.0 \n * Linux kernel 4.10.1 \n * Linux kernel 4.10.10 \n * Linux kernel 4.10.11 \n * Linux kernel 4.10.12 \n * Linux kernel 4.10.13 \n * Linux kernel 4.10.15 \n * Linux kernel 4.10.2 \n * Linux kernel 4.10.3 \n * Linux kernel 4.10.4 \n * Linux kernel 4.10.5 \n * Linux kernel 4.10.6 \n * Linux kernel 4.10.7 \n * Linux kernel 4.10.8 \n * Linux kernel 4.10.9 \n * Linux kernel 4.11 \n * Linux kernel 4.11-rc1 \n * Linux kernel 4.11-rc2 \n * Linux kernel 4.11-rc3 \n * Linux kernel 4.11-rc4 \n * Linux kernel 4.11-rc5 \n * Linux kernel 4.11-rc6 \n * Linux kernel 4.11-rc7 \n * Linux kernel 4.11-rc8 \n * Linux kernel 4.11.0 \n * Linux kernel 4.11.1 \n * Linux kernel 4.11.2 \n * Linux kernel 4.11.3 \n * Linux kernel 4.11.4 \n * Linux kernel 4.11.5 \n * Linux kernel 4.11.7 \n * Linux kernel 4.11.8 \n * Linux kernel 4.11.9 \n * Linux kernel 4.12 \n * Linux kernel 4.12-rc1 \n * Linux kernel 4.12.1 \n * Linux kernel 4.12.10 \n * Linux kernel 4.12.2 \n * Linux kernel 4.12.3 \n * Linux kernel 4.12.4 \n * Linux kernel 4.12.9 \n * Linux kernel 4.13 \n * Linux kernel 4.13-rc1 \n * Linux kernel 4.13-rc4 \n * Linux kernel 4.13.1 \n * Linux kernel 4.13.10 \n * Linux kernel 4.13.11 \n * Linux kernel 4.13.14 \n * Linux kernel 4.13.2 \n * Linux kernel 4.13.3 \n * Linux kernel 4.13.4 \n * Linux kernel 4.13.5 \n * Linux kernel 4.13.6 \n * Linux kernel 4.13.7 \n * Linux kernel 4.13.8 \n * Linux kernel 4.13.9 \n * Linux kernel 4.14 \n * Linux kernel 4.14-rc1 \n * Linux kernel 4.14-rc5 \n * Linux kernel 4.14.0-rc1 \n * Linux kernel 4.14.1 \n * Linux kernel 4.14.10 \n * Linux kernel 4.14.109 \n * Linux kernel 4.14.11 \n * Linux kernel 4.14.114 \n * Linux kernel 4.14.120 \n * Linux kernel 4.14.13 \n * Linux kernel 4.14.14 \n * Linux kernel 4.14.15 \n * Linux kernel 4.14.2 \n * Linux kernel 4.14.3 \n * Linux kernel 4.14.31 \n * Linux kernel 4.14.4 \n * Linux kernel 4.14.5 \n * Linux kernel 4.14.6 \n * Linux kernel 4.14.67 \n * Linux kernel 4.14.7 \n * Linux kernel 4.14.71 \n * Linux kernel 4.14.78 \n * Linux kernel 4.14.8 \n * Linux kernel 4.14.90 \n * Linux kernel 4.15 \n * Linux kernel 4.15-rc4 \n * Linux kernel 4.15-rc5 \n * Linux kernel 4.15-rc8 \n * Linux kernel 4.15.11 \n * Linux kernel 4.15.14 \n * Linux kernel 4.15.16 \n * Linux kernel 4.15.4 \n * Linux kernel 4.15.7 \n * Linux kernel 4.15.8 \n * Linux kernel 4.15.9 \n * Linux kernel 4.16 \n * Linux kernel 4.16-rc \n * Linux kernel 4.16-rc6 \n * Linux kernel 4.16-rc7 \n * Linux kernel 4.16.11 \n * Linux kernel 4.16.3 \n * Linux kernel 4.16.6 \n * Linux kernel 4.16.9 \n * Linux kernel 4.17 \n * Linux kernel 4.17-rc2 \n * Linux kernel 4.17.1 \n * Linux kernel 4.17.10 \n * Linux kernel 4.17.11 \n * Linux kernel 4.17.2 \n * Linux kernel 4.17.3 \n * Linux kernel 4.17.4 \n * Linux kernel 4.17.7 \n * Linux kernel 4.18 \n * Linux kernel 4.18-rc5 \n * Linux kernel 4.18.1 \n * Linux kernel 4.18.11 \n * Linux kernel 4.18.12 \n * Linux kernel 4.18.16 \n * Linux kernel 4.18.5 \n * Linux kernel 4.18.6 \n * Linux kernel 4.18.9 \n * Linux kernel 4.19 \n * Linux kernel 4.19-rc1 \n * Linux kernel 4.19-rc3 \n * Linux kernel 4.19.13 \n * Linux kernel 4.19.19 \n * Linux kernel 4.19.2 \n * Linux kernel 4.19.23 \n * Linux kernel 4.19.3 \n * Linux kernel 4.19.32 \n * Linux kernel 4.19.37 \n * Linux kernel 4.19.44 \n * Linux kernel 4.19.6 \n * Linux kernel 4.19.8 \n * Linux kernel 4.2 \n * Linux kernel 4.2.3 \n * Linux kernel 4.2.8 \n * Linux kernel 4.20 \n * Linux kernel 4.20.10 \n * Linux kernel 4.20.12 \n * Linux kernel 4.20.14 \n * Linux kernel 4.20.15 \n * Linux kernel 4.20.2 \n * Linux kernel 4.20.5 \n * Linux kernel 4.20.6 \n * Linux kernel 4.20.8 \n * Linux kernel 4.3-rc1 \n * Linux kernel 4.3.3 \n * Linux kernel 4.4 \n * Linux kernel 4.4-rc1 \n * Linux kernel 4.4-rc4 \n * Linux kernel 4.4-rc5 \n * Linux kernel 4.4.0-57 \n * Linux kernel 4.4.1 \n * Linux kernel 4.4.105 \n * Linux kernel 4.4.125 \n * Linux kernel 4.4.14 \n * Linux kernel 4.4.157 \n * Linux kernel 4.4.177 \n * Linux kernel 4.4.180 \n * Linux kernel 4.4.2 \n * Linux kernel 4.4.22 \n * Linux kernel 4.4.23 \n * Linux kernel 4.4.24 \n * Linux kernel 4.4.25 \n * Linux kernel 4.4.26 \n * Linux kernel 4.4.27 \n * Linux kernel 4.4.28 \n * Linux kernel 4.4.29 \n * Linux kernel 4.4.30 \n * Linux kernel 4.4.38 \n * Linux kernel 4.4.7 \n * Linux kernel 4.5 \n * Linux kernel 4.5-rc1 \n * Linux kernel 4.5-rc2 \n * Linux kernel 4.5-rc4 \n * Linux kernel 4.5-rc7 \n * Linux kernel 4.5.5 \n * Linux kernel 4.6 \n * Linux kernel 4.6 rc6 \n * Linux kernel 4.6 rc7 \n * Linux kernel 4.6-rc1 \n * Linux kernel 4.6.1 \n * Linux kernel 4.6.2 \n * Linux kernel 4.6.3 \n * Linux kernel 4.7 \n * Linux kernel 4.7-rc1 \n * Linux kernel 4.7-rc5 \n * Linux kernel 4.7-rc6 \n * Linux kernel 4.7.4 \n * Linux kernel 4.7.9 \n * Linux kernel 4.8 \n * Linux kernel 4.8 rc1 \n * Linux kernel 4.8.1 \n * Linux kernel 4.8.11 \n * Linux kernel 4.8.12 \n * Linux kernel 4.8.13 \n * Linux kernel 4.8.14 \n * Linux kernel 4.8.3 \n * Linux kernel 4.8.6 \n * Linux kernel 4.8.7 \n * Linux kernel 4.9 \n * Linux kernel 4.9-rc1 \n * Linux kernel 4.9-rc3 \n * Linux kernel 4.9-rc4 \n * Linux kernel 4.9-rc8 \n * Linux kernel 4.9.11 \n * Linux kernel 4.9.128 \n * Linux kernel 4.9.13 \n * Linux kernel 4.9.135 \n * Linux kernel 4.9.166 \n * Linux kernel 4.9.177 \n * Linux kernel 4.9.3 \n * Linux kernel 4.9.36 \n * Linux kernel 4.9.4 \n * Linux kernel 4.9.68 \n * Linux kernel 4.9.71 \n * Linux kernel 4.9.74 \n * Linux kernel 4.9.8 \n * Linux kernel 4.9.9 \n * Linux kernel 4.9.91 \n * Linux kernel 5.0 \n * Linux kernel 5.0.1 \n * Linux kernel 5.0.10 \n * Linux kernel 5.0.11 \n * Linux kernel 5.0.14 \n * Linux kernel 5.0.15 \n * Linux kernel 5.0.17 \n * Linux kernel 5.0.2 \n * Linux kernel 5.0.21 \n * Linux kernel 5.0.3 \n * Linux kernel 5.0.4 \n * Linux kernel 5.0.5 \n * Linux kernel 5.0.6 \n * Linux kernel 5.0.7 \n * Linux kernel 5.0.8 \n * Linux kernel 5.0.9 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nAllow only trusted individuals to have user accounts and local access to the resources. \n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-04-01T00:00:00", "type": "symantec", "title": "Linux Kernel CVE-2019-20096 Memory Leak Denial of Service Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-20096"], "modified": "2019-04-01T00:00:00", "id": "SMNTC-111315", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111315", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T19:02:20", "description": "### Description\n\nLinux Kernel is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. Linux Kernel versions through 5.4.6 are vulnerable.\n\n### Technologies Affected\n\n * Linux kernel 3.0 \n * Linux kernel 3.0-rc1 \n * Linux kernel 3.0.1 \n * Linux kernel 3.0.18 \n * Linux kernel 3.0.2 \n * Linux kernel 3.0.34 \n * Linux kernel 3.0.37 \n * Linux kernel 3.0.4 \n * Linux kernel 3.0.5 \n * Linux kernel 3.0.58 \n * Linux kernel 3.0.59 \n * Linux kernel 3.0.60 \n * Linux kernel 3.0.62 \n * Linux kernel 3.0.65 \n * Linux kernel 3.0.66 \n * Linux kernel 3.0.69 \n * Linux kernel 3.0.72 \n * Linux kernel 3.0.75 \n * Linux kernel 3.0.98 \n * Linux kernel 3.1 \n * Linux kernel 3.1-rc1 \n * Linux kernel 3.1.8 \n * Linux kernel 3.10 \n * Linux kernel 3.10-rc5 \n * Linux kernel 3.10.0 \n * Linux kernel 3.10.10 \n * Linux kernel 3.10.14 \n * Linux kernel 3.10.17 \n * Linux kernel 3.10.20 \n * Linux kernel 3.10.21 \n * Linux kernel 3.10.22 \n * Linux kernel 3.10.23 \n * Linux kernel 3.10.26 \n * Linux kernel 3.10.27 \n * Linux kernel 3.10.30 \n * Linux kernel 3.10.31 \n * Linux kernel 3.10.36 \n * Linux kernel 3.10.37 \n * Linux kernel 3.10.38 \n * Linux kernel 3.10.41 \n * Linux kernel 3.10.43 \n * Linux kernel 3.10.45 \n * Linux kernel 3.10.5 \n * Linux kernel 3.10.7 \n * Linux kernel 3.10.73 \n * Linux kernel 3.10.81 \n * Linux kernel 3.10.9 \n * Linux kernel 3.10.90 \n * Linux kernel 3.11 \n * Linux kernel 3.11-rc1 \n * Linux kernel 3.11-rc4 \n * Linux kernel 3.11-rc7 \n * Linux kernel 3.11.3 \n * Linux kernel 3.11.6 \n * Linux kernel 3.11.9 \n * Linux kernel 3.12 \n * Linux kernel 3.12.1 \n * Linux kernel 3.12.11 \n * Linux kernel 3.12.12 \n * Linux kernel 3.12.14 \n * Linux kernel 3.12.15 \n * Linux kernel 3.12.16 \n * Linux kernel 3.12.17 \n * Linux kernel 3.12.18 \n * Linux kernel 3.12.2 \n * Linux kernel 3.12.21 \n * Linux kernel 3.12.22 \n * Linux kernel 3.12.3 \n * Linux kernel 3.12.4 \n * Linux kernel 3.12.40 \n * Linux kernel 3.12.44 \n * Linux kernel 3.12.48 \n * Linux kernel 3.12.49 \n * Linux kernel 3.12.7 \n * Linux kernel 3.13 \n * Linux kernel 3.13-rc1 \n * Linux kernel 3.13.0 \n * Linux kernel 3.13.1 \n * Linux kernel 3.13.11 \n * Linux kernel 3.13.3 \n * Linux kernel 3.13.4 \n * Linux kernel 3.13.5 \n * Linux kernel 3.13.6 \n * Linux kernel 3.13.7 \n * Linux kernel 3.13.9 \n * Linux kernel 3.14 \n * Linux kernel 3.14-1 \n * Linux kernel 3.14-4 \n * Linux kernel 3.14-rc1 \n * Linux kernel 3.14-rc2 \n * Linux kernel 3.14-rc3 \n * Linux kernel 3.14-rc4 \n * Linux kernel 3.14-rc5 \n * Linux kernel 3.14-rc7 \n * Linux kernel 3.14.2 \n * Linux kernel 3.14.3 \n * Linux kernel 3.14.37 \n * Linux kernel 3.14.4 \n * Linux kernel 3.14.45 \n * Linux kernel 3.14.5 \n * Linux kernel 3.14.54 \n * Linux kernel 3.14.7 \n * Linux kernel 3.14.73 \n * Linux kernel 3.14.79 \n * Linux kernel 3.15 \n * Linux kernel 3.15-rc1 \n * Linux kernel 3.15-rc2 \n * Linux kernel 3.15-rc3 \n * Linux kernel 3.15.10 \n * Linux kernel 3.15.2 \n * Linux kernel 3.15.5 \n * Linux kernel 3.16 \n * Linux kernel 3.16.0-28 \n * Linux kernel 3.16.1 \n * Linux kernel 3.16.2 \n * Linux kernel 3.16.36 \n * Linux kernel 3.16.58 \n * Linux kernel 3.16.6 \n * Linux kernel 3.16.7 \n * Linux kernel 3.17 \n * Linux kernel 3.17-rc3 \n * Linux kernel 3.17.2 \n * Linux kernel 3.17.4 \n * Linux kernel 3.17.6 \n * Linux kernel 3.18 \n * Linux kernel 3.18.1 \n * Linux kernel 3.18.11 \n * Linux kernel 3.18.137 \n * Linux kernel 3.18.140 \n * Linux kernel 3.18.17 \n * Linux kernel 3.18.2 \n * Linux kernel 3.18.22 \n * Linux kernel 3.18.3 \n * Linux kernel 3.18.7 \n * Linux kernel 3.18.8 \n * Linux kernel 3.18.9 \n * Linux kernel 3.19 \n * Linux kernel 3.19-rc \n * Linux kernel 3.19-rc2 \n * Linux kernel 3.19-rc7 \n * Linux kernel 3.19.2 \n * Linux kernel 3.19.3 \n * Linux kernel 3.2 \n * Linux kernel 3.2.1 \n * Linux kernel 3.2.12 \n * Linux kernel 3.2.13 \n * Linux kernel 3.2.2 \n * Linux kernel 3.2.23 \n * Linux kernel 3.2.24 \n * Linux kernel 3.2.38 \n * Linux kernel 3.2.42 \n * Linux kernel 3.2.44 \n * Linux kernel 3.2.50 \n * Linux kernel 3.2.51 \n * Linux kernel 3.2.52 \n * Linux kernel 3.2.53 \n * Linux kernel 3.2.54 \n * Linux kernel 3.2.55 \n * Linux kernel 3.2.56 \n * Linux kernel 3.2.57 \n * Linux kernel 3.2.60 \n * Linux kernel 3.2.62 \n * Linux kernel 3.2.63 \n * Linux kernel 3.2.63-2 \n * Linux kernel 3.2.64 \n * Linux kernel 3.2.65 \n * Linux kernel 3.2.72 \n * Linux kernel 3.2.78 \n * Linux kernel 3.2.81 \n * Linux kernel 3.2.82 \n * Linux kernel 3.2.9 \n * Linux kernel 3.3 \n * Linux kernel 3.3-rc1 \n * Linux kernel 3.3.2 \n * Linux kernel 3.3.4 \n * Linux kernel 3.3.5 \n * Linux kernel 3.4 \n * Linux kernel 3.4.1 \n * Linux kernel 3.4.10 \n * Linux kernel 3.4.11 \n * Linux kernel 3.4.12 \n * Linux kernel 3.4.13 \n * Linux kernel 3.4.14 \n * Linux kernel 3.4.15 \n * Linux kernel 3.4.16 \n * Linux kernel 3.4.17 \n * Linux kernel 3.4.18 \n * Linux kernel 3.4.19 \n * Linux kernel 3.4.2 \n * Linux kernel 3.4.20 \n * Linux kernel 3.4.21 \n * Linux kernel 3.4.25 \n * Linux kernel 3.4.26 \n * Linux kernel 3.4.27 \n * Linux kernel 3.4.29 \n * Linux kernel 3.4.3 \n * Linux kernel 3.4.31 \n * Linux kernel 3.4.32 \n * Linux kernel 3.4.36 \n * Linux kernel 3.4.4 \n * Linux kernel 3.4.42 \n * Linux kernel 3.4.5 \n * Linux kernel 3.4.58 \n * Linux kernel 3.4.6 \n * Linux kernel 3.4.64 \n * Linux kernel 3.4.67 \n * Linux kernel 3.4.7 \n * Linux kernel 3.4.70 \n * Linux kernel 3.4.71 \n * Linux kernel 3.4.72 \n * Linux kernel 3.4.73 \n * Linux kernel 3.4.76 \n * Linux kernel 3.4.8 \n * Linux kernel 3.4.80 \n * Linux kernel 3.4.81 \n * Linux kernel 3.4.86 \n * Linux kernel 3.4.87 \n * Linux kernel 3.4.88 \n * Linux kernel 3.4.9 \n * Linux kernel 3.4.93 \n * Linux kernel 3.5 \n * Linux kernel 3.5-rc1 \n * Linux kernel 3.5.1 \n * Linux kernel 3.5.2 \n * Linux kernel 3.5.3 \n * Linux kernel 3.5.4 \n * Linux kernel 3.5.5 \n * Linux kernel 3.5.6 \n * Linux kernel 3.5.7 \n * Linux kernel 3.6 \n * Linux kernel 3.6-rc1 \n * Linux kernel 3.6.1 \n * Linux kernel 3.6.10 \n * Linux kernel 3.6.11 \n * Linux kernel 3.6.2 \n * Linux kernel 3.6.3 \n * Linux kernel 3.6.4 \n * Linux kernel 3.6.5 \n * Linux kernel 3.6.6 \n * Linux kernel 3.6.7 \n * Linux kernel 3.6.8 \n * Linux kernel 3.6.9 \n * Linux kernel 3.7 \n * Linux kernel 3.7-rc1 \n * Linux kernel 3.7.1 \n * Linux kernel 3.7.10 \n * Linux kernel 3.7.2 \n * Linux kernel 3.7.3 \n * Linux kernel 3.7.4 \n * Linux kernel 3.7.5 \n * Linux kernel 3.7.6 \n * Linux kernel 3.7.7 \n * Linux kernel 3.7.8 \n * Linux kernel 3.7.9 \n * Linux kernel 3.8 \n * Linux kernel 3.8-rc1 \n * Linux kernel 3.8.1 \n * Linux kernel 3.8.2 \n * Linux kernel 3.8.4 \n * Linux kernel 3.8.5 \n * Linux kernel 3.8.6 \n * Linux kernel 3.8.9 \n * Linux kernel 3.9 \n * Linux kernel 3.9-rc1 \n * Linux kernel 3.9-rc3 \n * Linux kernel 3.9-rc7 \n * Linux kernel 3.9-rc8 \n * Linux kernel 3.9.4 \n * Linux kernel 3.9.8 \n * Linux kernel 4.0 \n * Linux kernel 4.0-rc1 \n * Linux kernel 4.0.5 \n * Linux kernel 4.0.6 \n * Linux kernel 4.1 \n * Linux kernel 4.1-rc1 \n * Linux kernel 4.1-rc3 \n * Linux kernel 4.1-rc6 \n * Linux kernel 4.1-rc7 \n * Linux kernel 4.1.1 \n * Linux kernel 4.1.15 \n * Linux kernel 4.1.4 \n * Linux kernel 4.1.47 \n * Linux kernel 4.10-rc1 \n * Linux kernel 4.10-rc8 \n * Linux kernel 4.10.0 \n * Linux kernel 4.10.1 \n * Linux kernel 4.10.10 \n * Linux kernel 4.10.11 \n * Linux kernel 4.10.12 \n * Linux kernel 4.10.13 \n * Linux kernel 4.10.15 \n * Linux kernel 4.10.2 \n * Linux kernel 4.10.3 \n * Linux kernel 4.10.4 \n * Linux kernel 4.10.5 \n * Linux kernel 4.10.6 \n * Linux kernel 4.10.7 \n * Linux kernel 4.10.8 \n * Linux kernel 4.10.9 \n * Linux kernel 4.11 \n * Linux kernel 4.11-rc1 \n * Linux kernel 4.11-rc2 \n * Linux kernel 4.11-rc3 \n * Linux kernel 4.11-rc4 \n * Linux kernel 4.11-rc5 \n * Linux kernel 4.11-rc6 \n * Linux kernel 4.11-rc7 \n * Linux kernel 4.11-rc8 \n * Linux kernel 4.11.0 \n * Linux kernel 4.11.1 \n * Linux kernel 4.11.2 \n * Linux kernel 4.11.3 \n * Linux kernel 4.11.4 \n * Linux kernel 4.11.5 \n * Linux kernel 4.11.7 \n * Linux kernel 4.11.8 \n * Linux kernel 4.11.9 \n * Linux kernel 4.12 \n * Linux kernel 4.12-rc1 \n * Linux kernel 4.12.1 \n * Linux kernel 4.12.10 \n * Linux kernel 4.12.2 \n * Linux kernel 4.12.3 \n * Linux kernel 4.12.4 \n * Linux kernel 4.12.9 \n * Linux kernel 4.13 \n * Linux kernel 4.13-rc1 \n * Linux kernel 4.13-rc4 \n * Linux kernel 4.13.1 \n * Linux kernel 4.13.10 \n * Linux kernel 4.13.11 \n * Linux kernel 4.13.14 \n * Linux kernel 4.13.2 \n * Linux kernel 4.13.3 \n * Linux kernel 4.13.4 \n * Linux kernel 4.13.5 \n * Linux kernel 4.13.6 \n * Linux kernel 4.13.7 \n * Linux kernel 4.13.8 \n * Linux kernel 4.13.9 \n * Linux kernel 4.14 \n * Linux kernel 4.14-rc1 \n * Linux kernel 4.14-rc5 \n * Linux kernel 4.14.0-rc1 \n * Linux kernel 4.14.1 \n * Linux kernel 4.14.10 \n * Linux kernel 4.14.109 \n * Linux kernel 4.14.11 \n * Linux kernel 4.14.114 \n * Linux kernel 4.14.120 \n * Linux kernel 4.14.13 \n * Linux kernel 4.14.14 \n * Linux kernel 4.14.15 \n * Linux kernel 4.14.2 \n * Linux kernel 4.14.3 \n * Linux kernel 4.14.31 \n * Linux kernel 4.14.4 \n * Linux kernel 4.14.5 \n * Linux kernel 4.14.6 \n * Linux kernel 4.14.67 \n * Linux kernel 4.14.7 \n * Linux kernel 4.14.71 \n * Linux kernel 4.14.78 \n * Linux kernel 4.14.8 \n * Linux kernel 4.14.90 \n * Linux kernel 4.15 \n * Linux kernel 4.15-rc4 \n * Linux kernel 4.15-rc5 \n * Linux kernel 4.15-rc8 \n * Linux kernel 4.15.11 \n * Linux kernel 4.15.14 \n * Linux kernel 4.15.16 \n * Linux kernel 4.15.4 \n * Linux kernel 4.15.7 \n * Linux kernel 4.15.8 \n * Linux kernel 4.15.9 \n * Linux kernel 4.16 \n * Linux kernel 4.16-rc \n * Linux kernel 4.16-rc6 \n * Linux kernel 4.16-rc7 \n * Linux kernel 4.16.11 \n * Linux kernel 4.16.3 \n * Linux kernel 4.16.6 \n * Linux kernel 4.16.9 \n * Linux kernel 4.17 \n * Linux kernel 4.17-rc2 \n * Linux kernel 4.17.1 \n * Linux kernel 4.17.10 \n * Linux kernel 4.17.11 \n * Linux kernel 4.17.2 \n * Linux kernel 4.17.3 \n * Linux kernel 4.17.4 \n * Linux kernel 4.17.7 \n * Linux kernel 4.18 \n * Linux kernel 4.18-rc5 \n * Linux kernel 4.18.1 \n * Linux kernel 4.18.11 \n * Linux kernel 4.18.12 \n * Linux kernel 4.18.16 \n * Linux kernel 4.18.5 \n * Linux kernel 4.18.6 \n * Linux kernel 4.18.9 \n * Linux kernel 4.19 \n * Linux kernel 4.19-rc1 \n * Linux kernel 4.19-rc3 \n * Linux kernel 4.19.13 \n * Linux kernel 4.19.19 \n * Linux kernel 4.19.2 \n * Linux kernel 4.19.23 \n * Linux kernel 4.19.3 \n * Linux kernel 4.19.32 \n * Linux kernel 4.19.37 \n * Linux kernel 4.19.44 \n * Linux kernel 4.19.6 \n * Linux kernel 4.19.8 \n * Linux kernel 4.2 \n * Linux kernel 4.2.3 \n * Linux kernel 4.2.8 \n * Linux kernel 4.20 \n * Linux kernel 4.20.10 \n * Linux kernel 4.20.12 \n * Linux kernel 4.20.14 \n * Linux kernel 4.20.15 \n * Linux kernel 4.20.2 \n * Linux kernel 4.20.5 \n * Linux kernel 4.20.6 \n * Linux kernel 4.20.8 \n * Linux kernel 4.3-rc1 \n * Linux kernel 4.3.3 \n * Linux kernel 4.4 \n * Linux kernel 4.4-rc1 \n * Linux kernel 4.4-rc4 \n * Linux kernel 4.4-rc5 \n * Linux kernel 4.4.0-57 \n * Linux kernel 4.4.1 \n * Linux kernel 4.4.105 \n * Linux kernel 4.4.125 \n * Linux kernel 4.4.14 \n * Linux kernel 4.4.157 \n * Linux kernel 4.4.177 \n * Linux kernel 4.4.180 \n * Linux kernel 4.4.2 \n * Linux kernel 4.4.22 \n * Linux kernel 4.4.23 \n * Linux kernel 4.4.24 \n * Linux kernel 4.4.25 \n * Linux kernel 4.4.26 \n * Linux kernel 4.4.27 \n * Linux kernel 4.4.28 \n * Linux kernel 4.4.29 \n * Linux kernel 4.4.30 \n * Linux kernel 4.4.38 \n * Linux kernel 4.4.7 \n * Linux kernel 4.5 \n * Linux kernel 4.5-rc1 \n * Linux kernel 4.5-rc2 \n * Linux kernel 4.5-rc4 \n * Linux kernel 4.5-rc7 \n * Linux kernel 4.5.5 \n * Linux kernel 4.6 \n * Linux kernel 4.6 rc6 \n * Linux kernel 4.6 rc7 \n * Linux kernel 4.6-rc1 \n * Linux kernel 4.6.1 \n * Linux kernel 4.6.2 \n * Linux kernel 4.6.3 \n * Linux kernel 4.7 \n * Linux kernel 4.7-rc1 \n * Linux kernel 4.7-rc5 \n * Linux kernel 4.7-rc6 \n * Linux kernel 4.7.4 \n * Linux kernel 4.7.9 \n * Linux kernel 4.8 \n * Linux kernel 4.8 rc1 \n * Linux kernel 4.8.1 \n * Linux kernel 4.8.11 \n * Linux kernel 4.8.12 \n * Linux kernel 4.8.13 \n * Linux kernel 4.8.14 \n * Linux kernel 4.8.3 \n * Linux kernel 4.8.6 \n * Linux kernel 4.8.7 \n * Linux kernel 4.9 \n * Linux kernel 4.9-rc1 \n * Linux kernel 4.9-rc3 \n * Linux kernel 4.9-rc4 \n * Linux kernel 4.9-rc8 \n * Linux kernel 4.9.11 \n * Linux kernel 4.9.128 \n * Linux kernel 4.9.13 \n * Linux kernel 4.9.135 \n * Linux kernel 4.9.166 \n * Linux kernel 4.9.177 \n * Linux kernel 4.9.3 \n * Linux kernel 4.9.36 \n * Linux kernel 4.9.4 \n * Linux kernel 4.9.68 \n * Linux kernel 4.9.71 \n * Linux kernel 4.9.74 \n * Linux kernel 4.9.8 \n * Linux kernel 4.9.9 \n * Linux kernel 4.9.91 \n * Linux kernel 5.0 \n * Linux kernel 5.0.10 \n * Linux kernel 5.0.11 \n * Linux kernel 5.0.14 \n * Linux kernel 5.0.15 \n * Linux kernel 5.0.17 \n * Linux kernel 5.0.2 \n * Linux kernel 5.0.4 \n * Linux kernel 5.0.7 \n * Linux kernel 5.0.8 \n * Linux kernel 5.0.9 \n * Linux kernel 5.0rc6 \n * Linux kernel 5.1.12 \n * Linux kernel 5.1.13 \n * Linux kernel 5.1.14 \n * Linux kernel 5.1.15 \n * Linux kernel 5.1.17 \n * Linux kernel 5.1.2 \n * Linux kernel 5.1.3 \n * Linux kernel 5.1.5 \n * Linux kernel 5.1.6 \n * Linux kernel 5.1.7 \n * Linux kernel 5.1.8 \n * Linux kernel 5.1.9 \n * Linux kernel 5.2.1 \n * Linux kernel 5.2.10 \n * Linux kernel 5.2.13 \n * Linux kernel 5.2.14 \n * Linux kernel 5.2.17 \n * Linux kernel 5.2.2 \n * Linux kernel 5.2.3 \n * Linux kernel 5.2.6 \n * Linux kernel 5.2.8 \n * Linux kernel 5.2.9 \n * Linux kernel 5.3.1 \n * Linux kernel 5.3.10 \n * Linux kernel 5.3.11 \n * Linux kernel 5.3.12 \n * Linux kernel 5.3.13 \n * Linux kernel 5.3.2 \n * Linux kernel 5.3.4 \n * Linux kernel 5.3.5 \n * Linux kernel 5.3.6 \n * Linux kernel 5.3.7 \n * Linux kernel 5.3.8 \n * Linux kernel 5.3.9 \n * Linux kernel 5.4.0-rc2 \n * Linux kernel 5.4.1 \n * Linux kernel 5.4.2 \n * Linux kernel 5.4.3 \n * Linux kernel 5.4.4 \n * Linux kernel 5.4.5 \n * Linux kernel 5.4.6 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nAllow only trusted individuals to have user accounts and local access to the resources. \n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-12-09T00:00:00", "type": "symantec", "title": "Linux Kernel CVE-2019-19965 Null Pointer Dereference Denial of Service Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-19965"], "modified": "2019-12-09T00:00:00", "id": "SMNTC-111286", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111286", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-06-08T19:02:19", "description": "### Description\n\nLinux Kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users.\n\n### Technologies Affected\n\n * Linux kernel 2.0.0 \n * Linux kernel 2.0.1 \n * Linux kernel 2.0.10 \n * Linux kernel 2.0.11 \n * Linux kernel 2.0.12 \n * Linux kernel 2.0.13 \n * Linux kernel 2.0.14 \n * Linux kernel 2.0.15 \n * Linux kernel 2.0.16 \n * Linux kernel 2.0.17 \n * Linux kernel 2.0.18 \n * Linux kernel 2.0.19 \n * Linux kernel 2.0.2 \n * Linux kernel 2.0.20 \n * Linux kernel 2.0.21 \n * Linux kernel 2.0.22 \n * Linux kernel 2.0.23 \n * Linux kernel 2.0.24 \n * Linux kernel 2.0.25 \n * Linux kernel 2.0.26 \n * Linux kernel 2.0.27 \n * Linux kernel 2.0.28 \n * Linux kernel 2.0.29 \n * Linux kernel 2.0.3 \n * Linux kernel 2.0.30 \n * Linux kernel 2.0.31 \n * Linux kernel 2.0.32 \n * Linux kernel 2.0.33 \n * Linux kernel 2.0.34 \n * Linux kernel 2.0.35 \n * Linux kernel 2.0.36 \n * Linux kernel 2.0.37 \n * Linux kernel 2.0.38 \n * Linux kernel 2.0.39 \n * Linux kernel 2.0.4 \n * Linux kernel 2.0.40 \n * Linux kernel 2.0.5 \n * Linux kernel 2.0.6 \n * Linux kernel 2.0.7 \n * Linux kernel 2.0.8 \n * Linux kernel 2.0.9 \n * Linux kernel 2.1.0 \n * Linux kernel 2.1.132 \n * Linux kernel 2.1.89 \n * Linux kernel 2.2.0 \n * Linux kernel 2.2.1 \n * Linux kernel 2.2.10 \n * Linux kernel 2.2.11 \n * Linux kernel 2.2.12 \n * Linux kernel 2.2.13 \n * Linux kernel 2.2.14 \n * Linux kernel 2.2.15 \n * Linux kernel 2.2.16 \n * Linux kernel 2.2.17 \n * Linux kernel 2.2.18 \n * Linux kernel 2.2.19 \n * Linux kernel 2.2.2 \n * Linux kernel 2.2.20 \n * Linux kernel 2.2.21 \n * Linux kernel 2.2.22 \n * Linux kernel 2.2.23 \n * Linux kernel 2.2.24 \n * Linux kernel 2.2.25 \n * Linux kernel 2.2.26 \n * Linux kernel 2.2.3 \n * Linux kernel 2.2.4 \n * Linux kernel 2.2.5 \n * Linux kernel 2.2.6 \n * Linux kernel 2.2.7 \n * Linux kernel 2.2.8 \n * Linux kernel 2.2.9 \n * Linux kernel 2.3.0 \n * Linux kernel 2.3.1 \n * Linux kernel 2.3.10 \n * Linux kernel 2.3.11 \n * Linux kernel 2.3.12 \n * Linux kernel 2.3.13 \n * Linux kernel 2.3.14 \n * Linux kernel 2.3.15 \n * Linux kernel 2.3.16 \n * Linux kernel 2.3.17 \n * Linux kernel 2.3.18 \n * Linux kernel 2.3.19 \n * Linux kernel 2.3.2 \n * Linux kernel 2.3.20 \n * Linux kernel 2.3.21 \n * Linux kernel 2.3.22 \n * Linux kernel 2.3.23 \n * Linux kernel 2.3.24 \n * Linux kernel 2.3.25 \n * Linux kernel 2.3.26 \n * Linux kernel 2.3.27 \n * Linux kernel 2.3.28 \n * Linux kernel 2.3.29 \n * Linux kernel 2.3.3 \n * Linux kernel 2.3.30 \n * Linux kernel 2.3.31 \n * Linux kernel 2.3.32 \n * Linux kernel 2.3.33 \n * Linux kernel 2.3.34 \n * Linux kernel 2.3.35 \n * Linux kernel 2.3.36 \n * Linux kernel 2.3.37 \n * Linux kernel 2.3.38 \n * Linux kernel 2.3.39 \n * Linux kernel 2.3.4 \n * Linux kernel 2.3.40 \n * Linux kernel 2.3.41 \n * Linux kernel 2.3.42 \n * Linux kernel 2.3.43 \n * Linux kernel 2.3.44 \n * Linux kernel 2.3.45 \n * Linux kernel 2.3.46 \n * Linux kernel 2.3.47 \n * Linux kernel 2.3.48 \n * Linux kernel 2.3.49 \n * Linux kernel 2.3.5 \n * Linux kernel 2.3.50 \n * Linux kernel 2.3.51 \n * Linux kernel 2.3.6 \n * Linux kernel 2.3.7 \n * Linux kernel 2.3.8 \n * Linux kernel 2.3.9 \n * Linux kernel 2.3.99 \n * Linux kernel 2.4.0 \n * Linux kernel 2.4.1 \n * Linux kernel 2.4.10 \n * Linux kernel 2.4.11 \n * Linux kernel 2.4.12 \n * Linux kernel 2.4.13 \n * Linux kernel 2.4.14 \n * Linux kernel 2.4.15 \n * Linux kernel 2.4.16 \n * Linux kernel 2.4.17 \n * Linux kernel 2.4.18 \n * Linux kernel 2.4.19 \n * Linux kernel 2.4.2 \n * Linux kernel 2.4.3 \n * Linux kernel 2.4.33.1 \n * Linux kernel 2.4.33.3 \n * Linux kernel 2.4.33.4 \n * Linux kernel 2.4.33.5 \n * Linux kernel 2.4.33.6 \n * Linux kernel 2.4.33.7 \n * Linux kernel 2.4.4 \n * Linux kernel 2.4.5 \n * Linux kernel 2.5.13 \n * Linux kernel 2.5.14 \n * Linux kernel 2.5.15 \n * Linux kernel 2.5.16 \n * Linux kernel 2.5.17 \n * Linux kernel 2.5.18 \n * Linux kernel 2.5.19 \n * Linux kernel 2.5.2 \n * Linux kernel 2.5.20 \n * Linux kernel 2.5.21 \n * Linux kernel 2.5.22 \n * Linux kernel 2.5.23 \n * Linux kernel 2.5.24 \n * Linux kernel 2.5.25 \n * Linux kernel 2.5.26 \n * Linux kernel 2.5.27 \n * Linux kernel 2.5.28 \n * Linux kernel 2.5.29 \n * Linux kernel 2.5.3 \n * Linux kernel 2.5.30 \n * Linux kernel 2.5.31 \n * Linux kernel 2.5.32 \n * Linux kernel 2.5.33 \n * Linux kernel 2.5.34 \n * Linux kernel 2.5.35 \n * Linux kernel 2.5.36 \n * Linux kernel 2.5.37 \n * Linux kernel 2.5.38 \n * Linux kernel 2.5.39 \n * Linux kernel 2.5.4 \n * Linux kernel 2.5.40 \n * Linux kernel 2.5.41 \n * Linux kernel 2.5.42 \n * Linux kernel 2.5.43 \n * Linux kernel 2.5.44 \n * Linux kernel 2.5.45 \n * Linux kernel 2.5.46 \n * Linux kernel 2.5.47 \n * Linux kernel 2.5.48 \n * Linux kernel 2.5.49 \n * Linux kernel 2.5.5 \n * Linux kernel 2.5.50 \n * Linux kernel 2.5.51 \n * Linux kernel 2.5.52 \n * Linux kernel 2.5.53 \n * Linux kernel 2.5.54 \n * Linux kernel 2.5.55 \n * Linux kernel 2.5.56 \n * Linux kernel 2.5.57 \n * Linux kernel 2.5.58 \n * Linux kernel 2.5.59 \n * Linux kernel 2.5.6 \n * Linux kernel 2.5.60 \n * Linux kernel 2.5.61 \n * Linux kernel 2.5.62 \n * Linux kernel 2.5.63 \n * Linux kernel 2.5.64 \n * Linux kernel 2.5.65 \n * Linux kernel 2.5.66 \n * Linux kernel 2.5.67 \n * Linux kernel 2.5.68 \n * Linux kernel 2.5.69 \n * Linux kernel 2.5.7 \n * Linux kernel 2.5.8 \n * Linux kernel 2.5.9 \n * Linux kernel 2.6.13.1 \n * Linux kernel 2.6.13.2 \n * Linux kernel 2.6.13.3 \n * Linux kernel 2.6.13.4 \n * Linux kernel 2.6.13.5 \n * Linux kernel 2.6.15.1 \n * Linux kernel 2.6.15.11 \n * Linux kernel 2.6.15.2 \n * Linux kernel 2.6.15.3 \n * Linux kernel 2.6.15.4 \n * Linux kernel 2.6.15.5 \n * Linux kernel 2.6.15.6 \n * Linux kernel 2.6.15.7 \n * Linux kernel 2.6.23.09 \n * Linux kernel 2.6.23.1 \n * Linux kernel 2.6.23.10 \n * Linux kernel 2.6.23.14 \n * Linux kernel 2.6.23.2 \n * Linux kernel 2.6.23.3 \n * Linux kernel 2.6.23.4 \n * Linux kernel 2.6.23.5 \n * Linux kernel 2.6.23.6 \n * Linux kernel 2.6.23.7 \n * Linux kernel 2.6.25.10 \n * Linux kernel 2.6.25.11 \n * Linux kernel 2.6.25.12 \n * Linux kernel 2.6.25.13 \n * Linux kernel 2.6.25.5 \n * Linux kernel 2.6.25.6 \n * Linux kernel 2.6.25.7 \n * Linux kernel 2.6.25.8 \n * Linux kernel 2.6.25.9 \n * Linux kernel 2.6.33.1 \n * Linux kernel 2.6.33.7 \n * Linux kernel 3.0 \n * Linux kernel 3.0-rc1 \n * Linux kernel 3.0-rc4-git1 \n * Linux kernel 3.0.1 \n * Linux kernel 3.0.18 \n * Linux kernel 3.0.2 \n * Linux kernel 3.0.34 \n * Linux kernel 3.0.37 \n * Linux kernel 3.0.4 \n * Linux kernel 3.0.5 \n * Linux kernel 3.0.58 \n * Linux kernel 3.0.59 \n * Linux kernel 3.0.60 \n * Linux kernel 3.0.62 \n * Linux kernel 3.0.65 \n * Linux kernel 3.0.66 \n * Linux kernel 3.0.69 \n * Linux kernel 3.0.72 \n * Linux kernel 3.0.75 \n * Linux kernel 3.0.98 \n * Linux kernel 3.1 \n * Linux kernel 3.1-rc1 \n * Linux kernel 3.1.8 \n * Linux kernel 3.10 \n * Linux kernel 3.10-rc5 \n * Linux kernel 3.10.0 \n * Linux kernel 3.10.1 \n * Linux kernel 3.10.10 \n * Linux kernel 3.10.14 \n * Linux kernel 3.10.17 \n * Linux kernel 3.10.20 \n * Linux kernel 3.10.21 \n * Linux kernel 3.10.22 \n * Linux kernel 3.10.23 \n * Linux kernel 3.10.26 \n * Linux kernel 3.10.27 \n * Linux kernel 3.10.30 \n * Linux kernel 3.10.31 \n * Linux kernel 3.10.36 \n * Linux kernel 3.10.37 \n * Linux kernel 3.10.38 \n * Linux kernel 3.10.41 \n * Linux kernel 3.10.43 \n * Linux kernel 3.10.45 \n * Linux kernel 3.10.5 \n * Linux kernel 3.10.7 \n * Linux kernel 3.10.73 \n * Linux kernel 3.10.81 \n * Linux kernel 3.10.9 \n * Linux kernel 3.10.90 \n * Linux kernel 3.11 \n * Linux kernel 3.11-rc1 \n * Linux kernel 3.11-rc4 \n * Linux kernel 3.11-rc7 \n * Linux kernel 3.11.3 \n * Linux kernel 3.11.6 \n * Linux kernel 3.11.9 \n * Linux kernel 3.12 \n * Linux kernel 3.12.1 \n * Linux kernel 3.12.11 \n * Linux kernel 3.12.12 \n * Linux kernel 3.12.14 \n * Linux kernel 3.12.15 \n * Linux kernel 3.12.16 \n * Linux kernel 3.12.17 \n * Linux kernel 3.12.18 \n * Linux kernel 3.12.2 \n * Linux kernel 3.12.21 \n * Linux kernel 3.12.22 \n * Linux kernel 3.12.3 \n * Linux kernel 3.12.4 \n * Linux kernel 3.12.40 \n * Linux kernel 3.12.44 \n * Linux kernel 3.12.48 \n * Linux kernel 3.12.49 \n * Linux kernel 3.12.7 \n * Linux kernel 3.13 \n * Linux kernel 3.13-rc1 \n * Linux kernel 3.13-rc4-next-20131218 \n * Linux kernel 3.13.0 \n * Linux kernel 3.13.1 \n * Linux kernel 3.13.11 \n * Linux kernel 3.13.11-ckt27 \n * Linux kernel 3.13.11-ckt28 \n * Linux kernel 3.13.3 \n * Linux kernel 3.13.4 \n * Linux kernel 3.13.5 \n * Linux kernel 3.13.6 \n * Linux kernel 3.13.7 \n * Linux kernel 3.13.9 \n * Linux kernel 3.14 \n * Linux kernel 3.14-1 \n * Linux kernel 3.14-4 \n * Linux kernel 3.14-rc1 \n * Linux kernel 3.14-rc2 \n * Linux kernel 3.14-rc3 \n * Linux kernel 3.14-rc4 \n * Linux kernel 3.14-rc5 \n * Linux kernel 3.14-rc7 \n * Linux kernel 3.14.2 \n * Linux kernel 3.14.3 \n * Linux kernel 3.14.37 \n * Linux kernel 3.14.4 \n * Linux kernel 3.14.45 \n * Linux kernel 3.14.5 \n * Linux kernel 3.14.54 \n * Linux kernel 3.14.7 \n * Linux kernel 3.14.73 \n * Linux kernel 3.14.79 \n * Linux kernel 3.15 \n * Linux kernel 3.15-rc1 \n * Linux kernel 3.15-rc2 \n * Linux kernel 3.15-rc3 \n * Linux kernel 3.15.10 \n * Linux kernel 3.15.2 \n * Linux kernel 3.15.5 \n * Linux kernel 3.15.6-200.fc20 \n * Linux kernel 3.16 \n * Linux kernel 3.16.0-28 \n * Linux kernel 3.16.1 \n * Linux kernel 3.16.2 \n * Linux kernel 3.16.36 \n * Linux kernel 3.16.58 \n * Linux kernel 3.16.6 \n * Linux kernel 3.16.7 \n * Linux kernel 3.16.7-ckt17 \n * Linux kernel 3.16.7-ckt18 \n * Linux kernel 3.16.7-ckt2-1 \n * Linux kernel 3.16.7-ckt7-1 \n * Linux kernel 3.16.7-ckt9-2 \n * Linux kernel 3.17 \n * Linux kernel 3.17-rc3 \n * Linux kernel 3.17.2 \n * Linux kernel 3.17.4 \n * Linux kernel 3.17.6 \n * Linux kernel 3.18 \n * Linux kernel 3.18.1 \n * Linux kernel 3.18.11 \n * Linux kernel 3.18.137 \n * Linux kernel 3.18.140 \n * Linux kernel 3.18.17 \n * Linux kernel 3.18.2 \n * Linux kernel 3.18.22 \n * Linux kernel 3.18.3 \n * Linux kernel 3.18.7 \n * Linux kernel 3.18.8 \n * Linux kernel 3.18.9 \n * Linux kernel 3.19 \n * Linux kernel 3.19-rc \n * Linux kernel 3.19-rc2 \n * Linux kernel 3.19-rc7 \n * Linux kernel 3.19.2 \n * Linux kernel 3.19.3 \n * Linux kernel 3.2 \n * Linux kernel 3.2.1 \n * Linux kernel 3.2.102 \n * Linux kernel 3.2.12 \n * Linux kernel 3.2.13 \n * Linux kernel 3.2.2 \n * Linux kernel 3.2.23 \n * Linux kernel 3.2.24 \n * Linux kernel 3.2.38 \n * Linux kernel 3.2.42 \n * Linux kernel 3.2.44 \n * Linux kernel 3.2.50 \n * Linux kernel 3.2.51 \n * Linux kernel 3.2.52 \n * Linux kernel 3.2.53 \n * Linux kernel 3.2.54 \n * Linux kernel 3.2.55 \n * Linux kernel 3.2.56 \n * Linux kernel 3.2.57 \n * Linux kernel 3.2.60 \n * Linux kernel 3.2.62 \n * Linux kernel 3.2.63 \n * Linux kernel 3.2.63-2 \n * Linux kernel 3.2.64 \n * Linux kernel 3.2.65 \n * Linux kernel 3.2.72 \n * Linux kernel 3.2.78 \n * Linux kernel 3.2.81 \n * Linux kernel 3.2.82 \n * Linux kernel 3.2.9 \n * Linux kernel 3.3 \n * Linux kernel 3.3-rc1 \n * Linux kernel 3.3.2 \n * Linux kernel 3.3.4 \n * Linux kernel 3.3.5 \n * Linux kernel 3.4 \n * Linux kernel 3.4.1 \n * Linux kernel 3.4.10 \n * Linux kernel 3.4.11 \n * Linux kernel 3.4.12 \n * Linux kernel 3.4.13 \n * Linux kernel 3.4.14 \n * Linux kernel 3.4.15 \n * Linux kernel 3.4.16 \n * Linux kernel 3.4.17 \n * Linux kernel 3.4.18 \n * Linux kernel 3.4.19 \n * Linux kernel 3.4.2 \n * Linux kernel 3.4.20 \n * Linux kernel 3.4.21 \n * Linux kernel 3.4.25 \n * Linux kernel 3.4.26 \n * Linux kernel 3.4.27 \n * Linux kernel 3.4.29 \n * Linux kernel 3.4.3 \n * Linux kernel 3.4.31 \n * Linux kernel 3.4.32 \n * Linux kernel 3.4.36 \n * Linux kernel 3.4.4 \n * Linux kernel 3.4.42 \n * Linux kernel 3.4.5 \n * Linux kernel 3.4.58 \n * Linux kernel 3.4.6 \n * Linux kernel 3.4.64 \n * Linux kernel 3.4.67 \n * Linux kernel 3.4.7 \n * Linux kernel 3.4.70 \n * Linux kernel 3.4.71 \n * Linux kernel 3.4.72 \n * Linux kernel 3.4.73 \n * Linux kernel 3.4.76 \n * Linux kernel 3.4.8 \n * Linux kernel 3.4.80 \n * Linux kernel 3.4.81 \n * Linux kernel 3.4.86 \n * Linux kernel 3.4.87 \n * Linux kernel 3.4.88 \n * Linux kernel 3.4.9 \n * Linux kernel 3.4.93 \n * Linux kernel 3.5 \n * Linux kernel 3.5-rc1 \n * Linux kernel 3.5.1 \n * Linux kernel 3.5.2 \n * Linux kernel 3.5.3 \n * Linux kernel 3.5.4 \n * Linux kernel 3.5.5 \n * Linux kernel 3.5.6 \n * Linux kernel 3.5.7 \n * Linux kernel 3.6 \n * Linux kernel 3.6-rc1 \n * Linux kernel 3.6.1 \n * Linux kernel 3.6.10 \n * Linux kernel 3.6.11 \n * Linux kernel 3.6.2 \n * Linux kernel 3.6.3 \n * Linux kernel 3.6.4 \n * Linux kernel 3.6.5 \n * Linux kernel 3.6.6 \n * Linux kernel 3.6.7 \n * Linux kernel 3.6.8 \n * Linux kernel 3.6.9 \n * Linux kernel 3.7 \n * Linux kernel 3.7-rc1 \n * Linux kernel 3.7.1 \n * Linux kernel 3.7.10 \n * Linux kernel 3.7.2 \n * Linux kernel 3.7.3 \n * Linux kernel 3.7.4 \n * Linux kernel 3.7.5 \n * Linux kernel 3.7.6 \n * Linux kernel 3.7.7 \n * Linux kernel 3.7.8 \n * Linux kernel 3.7.9 \n * Linux kernel 3.8 \n * Linux kernel 3.8-rc1 \n * Linux kernel 3.8.1 \n * Linux kernel 3.8.2 \n * Linux kernel 3.8.4 \n * Linux kernel 3.8.5 \n * Linux kernel 3.8.6 \n * Linux kernel 3.8.9 \n * Linux kernel 3.9 \n * Linux kernel 3.9-rc1 \n * Linux kernel 3.9-rc3 \n * Linux kernel 3.9-rc7 \n * Linux kernel 3.9-rc8 \n * Linux kernel 3.9.4 \n * Linux kernel 3.9.8 \n * Linux kernel 4.0 \n * Linux kernel 4.0-rc1 \n * Linux kernel 4.0.5 \n * Linux kernel 4.0.6 \n * Linux kernel 4.1 \n * Linux kernel 4.1-rc1 \n * Linux kernel 4.1-rc3 \n * Linux kernel 4.1-rc6 \n * Linux kernel 4.1-rc7 \n * Linux kernel 4.1.1 \n * Linux kernel 4.1.15 \n * Linux kernel 4.1.4 \n * Linux kernel 4.1.47 \n * Linux kernel 4.1.51 \n * Linux kernel 4.10-rc1 \n * Linux kernel 4.10-rc8 \n * Linux kernel 4.10.0 \n * Linux kernel 4.10.1 \n * Linux kernel 4.10.10 \n * Linux kernel 4.10.11 \n * Linux kernel 4.10.12 \n * Linux kernel 4.10.13 \n * Linux kernel 4.10.15 \n * Linux kernel 4.10.2 \n * Linux kernel 4.10.3 \n * Linux kernel 4.10.4 \n * Linux kernel 4.10.5 \n * Linux kernel 4.10.6 \n * Linux kernel 4.10.7 \n * Linux kernel 4.10.8 \n * Linux kernel 4.10.9 \n * Linux kernel 4.11 \n * Linux kernel 4.11-rc1 \n * Linux kernel 4.11-rc2 \n * Linux kernel 4.11-rc3 \n * Linux kernel 4.11-rc4 \n * Linux kernel 4.11-rc5 \n * Linux kernel 4.11-rc6 \n * Linux kernel 4.11-rc7 \n * Linux kernel 4.11-rc8 \n * Linux kernel 4.11.0 \n * Linux kernel 4.11.1 \n * Linux kernel 4.11.2 \n * Linux kernel 4.11.3 \n * Linux kernel 4.11.4 \n * Linux kernel 4.11.5 \n * Linux kernel 4.11.7 \n * Linux kernel 4.11.8 \n * Linux kernel 4.11.9 \n * Linux kernel 4.12 \n * Linux kernel 4.12-rc1 \n * Linux kernel 4.12.1 \n * Linux kernel 4.12.10 \n * Linux kernel 4.12.2 \n * Linux kernel 4.12.3 \n * Linux kernel 4.12.4 \n * Linux kernel 4.12.9 \n * Linux kernel 4.13 \n * Linux kernel 4.13-rc1 \n * Linux kernel 4.13-rc4 \n * Linux kernel 4.13.1 \n * Linux kernel 4.13.10 \n * Linux kernel 4.13.11 \n * Linux kernel 4.13.14 \n * Linux kernel 4.13.2 \n * Linux kernel 4.13.3 \n * Linux kernel 4.13.4 \n * Linux kernel 4.13.5 \n * Linux kernel 4.13.6 \n * Linux kernel 4.13.7 \n * Linux kernel 4.13.8 \n * Linux kernel 4.13.9 \n * Linux kernel 4.14 \n * Linux kernel 4.14-rc1 \n * Linux kernel 4.14-rc5 \n * Linux kernel 4.14.0-rc1 \n * Linux kernel 4.14.1 \n * Linux kernel 4.14.10 \n * Linux kernel 4.14.109 \n * Linux kernel 4.14.11 \n * Linux kernel 4.14.114 \n * Linux kernel 4.14.120 \n * Linux kernel 4.14.13 \n * Linux kernel 4.14.14 \n * Linux kernel 4.14.15 \n * Linux kernel 4.14.2 \n * Linux kernel 4.14.25 \n * Linux kernel 4.14.3 \n * Linux kernel 4.14.31 \n * Linux kernel 4.14.4 \n * Linux kernel 4.14.5 \n * Linux kernel 4.14.6 \n * Linux kernel 4.14.67 \n * Linux kernel 4.14.7 \n * Linux kernel 4.14.71 \n * Linux kernel 4.14.78 \n * Linux kernel 4.14.8 \n * Linux kernel 4.14.90 \n * Linux kernel 4.15 \n * Linux kernel 4.15-rc4 \n * Linux kernel 4.15-rc5 \n * Linux kernel 4.15-rc8 \n * Linux kernel 4.15.0 \n * Linux kernel 4.15.11 \n * Linux kernel 4.15.14 \n * Linux kernel 4.15.16 \n * Linux kernel 4.15.4 \n * Linux kernel 4.15.7 \n * Linux kernel 4.15.8 \n * Linux kernel 4.15.9 \n * Linux kernel 4.16 \n * Linux kernel 4.16-rc \n * Linux kernel 4.16-rc6 \n * Linux kernel 4.16-rc7 \n * Linux kernel 4.16.11 \n * Linux kernel 4.16.3 \n * Linux kernel 4.16.4 \n * Linux kernel 4.16.6 \n * Linux kernel 4.16.7 \n * Linux kernel 4.16.9 \n * Linux kernel 4.17 \n * Linux kernel 4.17-rc2 \n * Linux kernel 4.17.1 \n * Linux kernel 4.17.10 \n * Linux kernel 4.17.11 \n * Linux kernel 4.17.2 \n * Linux kernel 4.17.3 \n * Linux kernel 4.17.4 \n * Linux kernel 4.17.7 \n * Linux kernel 4.18 \n * Linux kernel 4.18-rc5 \n * Linux kernel 4.18.1 \n * Linux kernel 4.18.11 \n * Linux kernel 4.18.12 \n * Linux kernel 4.18.16 \n * Linux kernel 4.18.5 \n * Linux kernel 4.18.6 \n * Linux kernel 4.18.7 \n * Linux kernel 4.18.9 \n * Linux kernel 4.19 \n * Linux kernel 4.19-rc1 \n * Linux kernel 4.19-rc3 \n * Linux kernel 4.19.13 \n * Linux kernel 4.19.19 \n * Linux kernel 4.19.2 \n * Linux kernel 4.19.23 \n * Linux kernel 4.19.3 \n * Linux kernel 4.19.32 \n * Linux kernel 4.19.37 \n * Linux kernel 4.19.44 \n * Linux kernel 4.19.6 \n * Linux kernel 4.19.8 \n * Linux kernel 4.19.9 \n * Linux kernel 4.2 \n * Linux kernel 4.2.3 \n * Linux kernel 4.2.8 \n * Linux kernel 4.20 \n * Linux kernel 4.20.10 \n * Linux kernel 4.20.12 \n * Linux kernel 4.20.14 \n * Linux kernel 4.20.15 \n * Linux kernel 4.20.2 \n * Linux kernel 4.20.5 \n * Linux kernel 4.20.6 \n * Linux kernel 4.20.8 \n * Linux kernel 4.3-rc1 \n * Linux kernel 4.3.3 \n * Linux kernel 4.4 \n * Linux kernel 4.4-rc1 \n * Linux kernel 4.4-rc4 \n * Linux kernel 4.4-rc5 \n * Linux kernel 4.4.0-57 \n * Linux kernel 4.4.1 \n * Linux kernel 4.4.105 \n * Linux kernel 4.4.121 \n * Linux kernel 4.4.125 \n * Linux kernel 4.4.14 \n * Linux kernel 4.4.157 \n * Linux kernel 4.4.177 \n * Linux kernel 4.4.180 \n * Linux kernel 4.4.194 \n * Linux kernel 4.4.195 \n * Linux kernel 4.4.2 \n * Linux kernel 4.4.22 \n * Linux kernel 4.4.23 \n * Linux kernel 4.4.24 \n * Linux kernel 4.4.25 \n * Linux kernel 4.4.26 \n * Linux kernel 4.4.27 \n * Linux kernel 4.4.28 \n * Linux kernel 4.4.29 \n * Linux kernel 4.4.30 \n * Linux kernel 4.4.38 \n * Linux kernel 4.4.7 \n * Linux kernel 4.5 \n * Linux kernel 4.5-rc1 \n * Linux kernel 4.5-rc2 \n * Linux kernel 4.5-rc4 \n * Linux kernel 4.5-rc7 \n * Linux kernel 4.5.5 \n * Linux kernel 4.6 \n * Linux kernel 4.6 rc6 \n * Linux kernel 4.6 rc7 \n * Linux kernel 4.6-rc1 \n * Linux kernel 4.6.1 \n * Linux kernel 4.6.2 \n * Linux kernel 4.6.3 \n * Linux kernel 4.7 \n * Linux kernel 4.7-rc1 \n * Linux kernel 4.7-rc5 \n * Linux kernel 4.7-rc6 \n * Linux kernel 4.7.4 \n * Linux kernel 4.7.9 \n * Linux kernel 4.8 \n * Linux kernel 4.8 rc1 \n * Linux kernel 4.8.1 \n * Linux kernel 4.8.11 \n * Linux kernel 4.8.12 \n * Linux kernel 4.8.13 \n * Linux kernel 4.8.14 \n * Linux kernel 4.8.3 \n * Linux kernel 4.8.6 \n * Linux kernel 4.8.7 \n * Linux kernel 4.9 \n * Linux kernel 4.9-rc1 \n * Linux kernel 4.9-rc3 \n * Linux kernel 4.9-rc4 \n * Linux kernel 4.9-rc8 \n * Linux kernel 4.9.11 \n * Linux kernel 4.9.128 \n * Linux kernel 4.9.13 \n * Linux kernel 4.9.135 \n * Linux kernel 4.9.166 \n * Linux kernel 4.9.177 \n * Linux kernel 4.9.3 \n * Linux kernel 4.9.36 \n * Linux kernel 4.9.4 \n * Linux kernel 4.9.53 \n * Linux kernel 4.9.6 \n * Linux kernel 4.9.68 \n * Linux kernel 4.9.71 \n * Linux kernel 4.9.74 \n * Linux kernel 4.9.8 \n * Linux kernel 4.9.87 \n * Linux kernel 4.9.9 \n * Linux kernel 4.9.91 \n * Linux kernel 5.0 \n * Linux kernel 5.0.1 \n * Linux kernel 5.0.10 \n * Linux kernel 5.0.11 \n * Linux kernel 5.0.14 \n * Linux kernel 5.0.15 \n * Linux kernel 5.0.17 \n * Linux kernel 5.0.2 \n * Linux kernel 5.0.21 \n * Linux kernel 5.0.3 \n * Linux kernel 5.0.4 \n * Linux kernel 5.0.5 \n * Linux kernel 5.0.6 \n * Linux kernel 5.0.7 \n * Linux kernel 5.0.8 \n * Linux kernel 5.0.9 \n * Linux kernel 5.0rc6 \n * Linux kernel 5.1 \n * Linux kernel 5.1-rc1 \n * Linux kernel 5.1-rc5 \n * Linux kernel 5.1-rc6 \n * Linux kernel 5.1.12 \n * Linux kernel 5.1.13 \n * Linux kernel 5.1.14 \n * Linux kernel 5.1.15 \n * Linux kernel 5.1.17 \n * Linux kernel 5.1.2 \n * Linux kernel 5.1.3 \n * Linux kernel 5.1.5 \n * Linux kernel 5.1.6 \n * Linux kernel 5.1.7 \n * Linux kernel 5.1.8 \n * Linux kernel 5.1.9 \n * Linux kernel 5.2.1 \n * Linux kernel 5.2.10 \n * Linux kernel 5.2.13 \n * Linux kernel 5.2.14 \n * Linux kernel 5.2.17 \n * Linux kernel 5.2.2 \n * Linux kernel 5.2.3 \n * Linux kernel 5.2.6 \n * Linux kernel 5.2.8 \n * Linux kernel 5.2.9 \n * Linux kernel 5.3 \n * Linux kernel 5.3.1 \n * Linux kernel 5.3.10 \n * Linux kernel 5.3.11 \n * Linux kernel 5.3.12 \n * Linux kernel 5.3.13 \n * Linux kernel 5.3.2 \n * Linux kernel 5.3.4 \n * Linux kernel 5.3.5 \n * Linux kernel 5.3.6 \n * Linux kernel 5.3.7 \n * Linux kernel 5.3.8 \n * Linux kernel 5.3.9 \n * Linux kernel 5.4.0-rc2 \n * Redhat Enterprise Linux 7 \n * Redhat Enterprise Linux 8 \n\n### Recommendations\n\n**Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.** \nAllow only trusted individuals to have user accounts and local access to the resources.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "cvss3": {}, "published": "2019-12-16T00:00:00", "type": "symantec", "title": "Linux Kernel CVE-2019-19332 Local Denial of Service Vulnerability", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2019-19332"], "modified": "2019-12-16T00:00:00", "id": "SMNTC-111210", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111210", "cvss": {"score": 0.0, "vector": "NONE"}}], "ubuntucve": [{"lastseen": "2023-06-10T14:09:59", "description": "In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in\nrcar_drif_g_fmt_sdr_cap in drivers/media/platform/rcar_drif.c, which could\ncause a memory disclosure problem.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-06T00:00:00", "type": "ubuntucve", "title": "CVE-2019-18786", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18786"], "modified": "2019-11-06T00:00:00", "id": "UB:CVE-2019-18786", "href": "https://ubuntu.com/security/CVE-2019-18786", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-10T14:08:53", "description": "In the AppleTalk subsystem in the Linux kernel before 5.1, there is a\npotential NULL pointer dereference because register_snap_client may return\nNULL. This will lead to denial of service in net/appletalk/aarp.c and\nnet/appletalk/ddp.c, as demonstrated by unregister_snap_client, aka\nCID-9804501fa122.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-22T00:00:00", "type": "ubuntucve", "title": "CVE-2019-19227", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19227"], "modified": "2019-11-22T00:00:00", "id": "UB:CVE-2019-19227", "href": "https://ubuntu.com/security/CVE-2019-19227", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-10T14:09:10", "description": "Memory leaks in *create_resource_pool() functions under\ndrivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow\nattackers to cause a denial of service (memory consumption). This affects\nthe dce120_create_resource_pool() function in\ndrivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the\ndce110_create_resource_pool() function in\ndrivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, the\ndce100_create_resource_pool() function in\ndrivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the\ndcn10_create_resource_pool() function in\ndrivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, and the\ndce112_create_resource_pool() function in\ndrivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, aka\nCID-104c307147ad.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.7, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-18T00:00:00", "type": "ubuntucve", "title": "CVE-2019-19082", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19082"], "modified": "2019-11-18T00:00:00", "id": "UB:CVE-2019-19082", "href": "https://ubuntu.com/security/CVE-2019-19082", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T14:10:07", "description": "An issue was discovered in drivers/media/platform/vivid in the Linux kernel\nthrough 5.3.8. It is exploitable for privilege escalation on some Linux\ndistributions where local users have /dev/video0 access, but only if the\ndriver happens to be loaded. There are multiple race conditions during\nstreaming stopping in this driver (part of the V4L2 subsystem). These\nissues are caused by wrong mutex locking in\nvivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(),\nsdr_cap_stop_streaming(), and the corresponding kthreads. At least one of\nthese race conditions leads to a use-after-free.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | This rarely used driver module cannot be loaded by an unprivileged user so the impact is lessened\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-04T00:00:00", "type": "ubuntucve", "title": "CVE-2019-18683", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18683"], "modified": "2019-11-04T00:00:00", "id": "UB:CVE-2019-18683", "href": "https://ubuntu.com/security/CVE-2019-18683", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-10T14:09:30", "description": "fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a\nbtrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image\nbecause fs_devices->devices is mishandled within find_device, aka\nCID-09ba3bc9dd15.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-14T00:00:00", "type": "ubuntucve", "title": "CVE-2019-18885", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18885"], "modified": "2019-11-14T00:00:00", "id": "UB:CVE-2019-18885", "href": "https://ubuntu.com/security/CVE-2019-18885", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-10T14:09:14", "description": "A memory leak in the rsi_send_beacon() function in\ndrivers/net/wireless/rsi/rsi_91x_mgmt.c in the Linux kernel through 5.3.11\nallows attackers to cause a denial of service (memory consumption) by\ntriggering rsi_prepare_beacon() failures, aka CID-d563131ef23c.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-18T00:00:00", "type": "ubuntucve", "title": "CVE-2019-19071", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19071"], "modified": "2019-11-18T00:00:00", "id": "UB:CVE-2019-19071", "href": "https://ubuntu.com/security/CVE-2019-19071", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T14:09:12", "description": "A memory leak in the ath10k_usb_hif_tx_sg() function in\ndrivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11\nallows attackers to cause a denial of service (memory consumption) by\ntriggering usb_submit_urb() failures, aka CID-b8d17e7d93d2.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-18T00:00:00", "type": "ubuntucve", "title": "CVE-2019-19078", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19078"], "modified": "2019-11-18T00:00:00", "id": "UB:CVE-2019-19078", "href": "https://ubuntu.com/security/CVE-2019-19078", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T14:13:11", "description": "An issue was discovered in the Linux kernel through 5.2.9. There is a NULL\npointer dereference caused by a malicious USB device in the\nflexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c\ndriver.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | Setting priority to negligible since this simple DoS requires a malicious USB device to be inserted into the system As of 2019-08-26, there's no upstream fix.\n", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.6, "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-20T00:00:00", "type": "ubuntucve", "title": "CVE-2019-15291", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15291"], "modified": "2019-08-20T00:00:00", "id": "UB:CVE-2019-15291", "href": "https://ubuntu.com/security/CVE-2019-15291", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T14:09:51", "description": "A memory leak in the af9005_identify_state() function in\ndrivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows\nattackers to cause a denial of service (memory consumption), aka\nCID-2289adbfa559.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | The Fixes tag in the fix commit is incorrect. c58b84ee467b introduced the leak.\n", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.6, "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-07T00:00:00", "type": "ubuntucve", "title": "CVE-2019-18809", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18809"], "modified": "2019-11-07T00:00:00", "id": "UB:CVE-2019-18809", "href": "https://ubuntu.com/security/CVE-2019-18809", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T14:09:19", "description": "Two memory leaks in the mwifiex_pcie_init_evt_ring() function in\ndrivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through\n5.3.11 allow attackers to cause a denial of service (memory consumption) by\ntriggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-11-18T00:00:00", "type": "ubuntucve", "title": "CVE-2019-19057", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19057"], "modified": "2019-11-18T00:00:00", "id": "UB:CVE-2019-19057", "href": "https://ubuntu.com/security/CVE-2019-19057", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-10T14:07:18", "description": "The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize, as\ndemonstrated by use-after-free errors in __ext4_expand_extra_isize and\next4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c, aka\nCID-4ea99936a163.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-12-12T00:00:00", "type": "ubuntucve", "title": "CVE-2019-19767", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19767"], "modified": "2019-12-12T00:00:00", "id": "UB:CVE-2019-19767", "href": "https://ubuntu.com/security/CVE-2019-19767", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-10T14:13:20", "description": "drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has\na NULL pointer dereference via an incomplete address in an endpoint\ndescriptor.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[sbeattie](<https://launchpad.net/~sbeattie>) | commit subject \"ath10k: Fix a NULL-ptr-deref bug in ath10k_usb_alloc_urb_from_pipe\"\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-08-16T00:00:00", "type": "ubuntucve", "title": "CVE-2019-15099", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15099"], "modified": "2019-08-16T00:00:00", "id": "UB:CVE-2019-15099", "href": "https://ubuntu.com/security/CVE-2019-15099", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T14:09:15", "description": "Two memory leaks in the rtl_usb_probe() function in\ndrivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through\n5.3.11 allow attackers to cause a denial of service (memory consumption),\naka CID-3f9361695113.", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.6, "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-18T00:00:00", "type": "ubuntucve", "title": "CVE-2019-19063", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19063"], "modified": "2019-11-18T00:00:00", "id": "UB:CVE-2019-19063", "href": "https://ubuntu.com/security/CVE-2019-19063", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T14:06:28", "description": "In the Linux kernel before 5.1, there is a memory leak in\n__feat_register_sp() in net/dccp/feat.c, which may cause denial of service,\naka CID-1d3ff0950e2b.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-30T00:00:00", "type": "ubuntucve", "title": "CVE-2019-20096", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20096"], "modified": "2019-12-30T00:00:00", "id": "UB:CVE-2019-20096", "href": "https://ubuntu.com/security/CVE-2019-20096", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T14:06:04", "description": "An out-of-bounds memory write issue was found in the Linux Kernel, version\n3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the\n'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by\nthe KVM hypervisor. A user or process able to access the '/dev/kvm' device\ncould use this flaw to crash the system, resulting in a denial of service.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 6.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2020-01-09T00:00:00", "type": "ubuntucve", "title": "CVE-2019-19332", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 5.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 7.8, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19332"], "modified": "2020-01-09T00:00:00", "id": "UB:CVE-2019-19332", "href": "https://ubuntu.com/security/CVE-2019-19332", "cvss": {"score": 5.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:C"}}, {"lastseen": "2023-06-10T14:06:38", "description": "In the Linux kernel through 5.4.6, there is a NULL pointer dereference in\ndrivers/scsi/libsas/sas_discover.c because of mishandling of port\ndisconnection during discovery, related to a PHY down race condition, aka\nCID-f70267f379b5.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.7, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-12-25T00:00:00", "type": "ubuntucve", "title": "CVE-2019-19965", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19965"], "modified": "2019-12-25T00:00:00", "id": "UB:CVE-2019-19965", "href": "https://ubuntu.com/security/CVE-2019-19965", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-10T14:12:09", "description": "drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14\ndoes not check the alloc_workqueue return value, leading to a NULL pointer\ndereference.", "cvss3": {"exploitabilityScore": 0.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "baseScore": 4.1, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-11T00:00:00", "type": "ubuntucve", "title": "CVE-2019-16232", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16232"], "modified": "2019-09-11T00:00:00", "id": "UB:CVE-2019-16232", "href": "https://ubuntu.com/security/CVE-2019-16232", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T14:12:13", "description": "** DISPUTED ** drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux\nkernel 5.2.14 does not check the alloc_workqueue return value, leading to a\nNULL pointer dereference. NOTE: The security community disputes this issues\nas not being serious enough to be deserving a CVE id.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | As of 2019-09-27, there is no upstream fix available\n", "cvss3": {"exploitabilityScore": 0.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "baseScore": 4.1, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-09-11T00:00:00", "type": "ubuntucve", "title": "CVE-2019-16229", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16229"], "modified": "2019-09-11T00:00:00", "id": "UB:CVE-2019-16229", "href": "https://ubuntu.com/security/CVE-2019-16229", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-10T14:05:59", "description": "Insufficient control flow in certain data structures for some Intel(R)\nProcessors with Intel(R) Processor Graphics may allow an unauthenticated\nuser to potentially enable information disclosure via local access.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | This issue only affects systems with Intel Graphics Processing Units (GPUs) Gen8 Intel GPUs were previously fixed by commit 0160f055393f (\"drm/i915/gen8: Add WaClearSlmSpaceAtContextSwitch workaround\") Fixes are only available for Gen8 and Gen9 GPUs at this time Fixes for Gen6 and Gen7 may be available in the future\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2020-01-14T00:00:00", "type": "ubuntucve", "title": "CVE-2019-14615", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14615"], "modified": "2020-01-14T00:00:00", "id": "UB:CVE-2019-14615", "href": "https://ubuntu.com/security/CVE-2019-14615", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-10T14:09:16", "description": "A memory leak in the crypto_report() function in crypto/crypto_user_base.c\nin the Linux kernel through 5.3.11 allows attackers to cause a denial of\nservice (memory consumption) by triggering crypto_report_alg() failures,\naka CID-ffdde5932042.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 4.7, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-18T00:00:00", "type": "ubuntucve", "title": "CVE-2019-19062", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19062"], "modified": "2019-11-18T00:00:00", "id": "UB:CVE-2019-19062", "href": "https://ubuntu.com/security/CVE-2019-19062", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-07T13:59:38", "description": "In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm\nthrough 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in\nthe i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka\nCID-7dc40713618c. This is related to i915_gem_context_destroy_ioctl in\ndrivers/gpu/drm/i915/i915_gem_context.c.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/bugs/1859522>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | This issue only affects systems with Intel Graphics Processing Units (GPUs)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-01-14T00:00:00", "type": "ubuntucve", "title": "CVE-2020-7053", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-7053"], "modified": "2020-01-14T00:00:00", "id": "UB:CVE-2020-7053", "href": "https://ubuntu.com/security/CVE-2020-7053", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "redhatcve": [{"lastseen": "2023-06-10T15:46:43", "description": "In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in rcar_drif_g_fmt_sdr_cap in drivers/media/platform/rcar_drif.c, which could cause a memory disclosure problem.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-14T15:07:30", "type": "redhatcve", "title": "CVE-2019-18786", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18786"], "modified": "2023-04-06T06:16:19", "id": "RH:CVE-2019-18786", "href": "https://access.redhat.com/security/cve/cve-2019-18786", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {