DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2019-17056", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2019-17056", "description": "llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.", "published": "2019-10-01T14:15:00", "modified": "2019-10-25T20:15:00", "epss": [{"cve": "CVE-2019-17056", "epss": 0.0005, "percentile": 0.16983, "modified": "2023-06-13"}], "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "NONE", "baseScore": 2.1}, "severity": "LOW", "exploitabilityScore": 3.9, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW"}, "exploitabilityScore": 1.8, "impactScore": 1.4}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-17056", "reporter": "cve@mitre.org", "references": ["https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3a359798b176183ef09efb7a3dc59abad1cc7104", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6JNEWGIK7QA24OIUUL67QZNJN52NB7T/", "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.html", "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html", "https://seclists.org/bugtraq/2019/Nov/11", "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", "https://usn.ubuntu.com/4184-1/", "https://usn.ubuntu.com/4185-1/", "https://usn.ubuntu.com/4186-1/", "https://usn.ubuntu.com/4185-2/", "https://usn.ubuntu.com/4186-2/", "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html", "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"], "cvelist": ["CVE-2019-17056"], "immutableFields": [], "lastseen": "2023-06-13T14:48:52", "viewCount": 130, "enchantments": {"dependencies": {"references": [{"type": "cloudfoundry", "idList": ["CFOUNDRY:A9246B54233F05FAAFEBCA42A471540D", "CFOUNDRY:F1FD906C8A4009015525A4BE5BA37775"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2068-1:83234", "DEBIAN:DLA-2114-1:93D37"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-17056"]}, {"type": "fedora", "idList": ["FEDORA:04868606351B", "FEDORA:0B78D60E1FD1", "FEDORA:7800D60DF3BF", "FEDORA:7E825606351A", "FEDORA:AC5E86062CAB", "FEDORA:D9A2B60E1FCB"]}, {"type": "ibm", "idList": ["B68653AE8B3B701FAB183C54D344C9C2EE03602A2C7365EC7CF172320BA1AA2E"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2068.NASL", "DEBIAN_DLA-2114.NASL", "EULEROS_SA-2019-2201.NASL", "EULEROS_SA-2019-2274.NASL", "EULEROS_SA-2019-2283.NASL", "EULEROS_SA-2019-2353.NASL", "EULEROS_SA-2020-1042.NASL", "EULEROS_SA-2020-1197.NASL", "FEDORA_2019-41E28660AE.NASL", "FEDORA_2019-B1DE72B00B.NASL", "OPENSUSE-2019-2392.NASL", "OPENSUSE-2019-2444.NASL", "SLACKWARE_SSA_2019-311-01.NASL", "SUSE_SU-2019-2879-1.NASL", "SUSE_SU-2019-2946-1.NASL", "SUSE_SU-2019-2947-1.NASL", "SUSE_SU-2019-2949-1.NASL", "SUSE_SU-2019-2950-1.NASL", "SUSE_SU-2019-2953-1.NASL", "SUSE_SU-2019-2984-1.NASL", "SUSE_SU-2019-3200-1.NASL", "SUSE_SU-2019-3295-1.NASL", "SUSE_SU-2020-0093-1.NASL", "UBUNTU_USN-4184-1.NASL", "UBUNTU_USN-4184-2.NASL", "UBUNTU_USN-4185-1.NASL", "UBUNTU_USN-4185-3.NASL", "UBUNTU_USN-4186-1.NASL", "UBUNTU_USN-4186-3.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310844230", "OPENVAS:1361412562310844231", "OPENVAS:1361412562310844233", "OPENVAS:1361412562310844234", "OPENVAS:1361412562310844235", "OPENVAS:1361412562310844236", "OPENVAS:1361412562310852750", "OPENVAS:1361412562310852953", "OPENVAS:1361412562310876925", "OPENVAS:1361412562310876930", "OPENVAS:1361412562310876939", "OPENVAS:1361412562310876943", "OPENVAS:1361412562310876995", "OPENVAS:1361412562310876999", "OPENVAS:1361412562310877052", "OPENVAS:1361412562310877058", "OPENVAS:1361412562310877070", "OPENVAS:1361412562310877149", "OPENVAS:1361412562310877161", "OPENVAS:1361412562310877293", "OPENVAS:1361412562310877370", "OPENVAS:1361412562310877476", "OPENVAS:1361412562310877540", "OPENVAS:1361412562310892068", "OPENVAS:1361412562310892114", "OPENVAS:1361412562311220192201", "OPENVAS:1361412562311220192274", "OPENVAS:1361412562311220192283", "OPENVAS:1361412562311220192353", "OPENVAS:1361412562311220201042", "OPENVAS:1361412562311220201197"]}, {"type": "osv", "idList": ["OSV:DLA-2068-1", "OSV:DLA-2114-1"]}, {"type": "photon", "idList": ["PHSA-2019-0036", "PHSA-2019-0189", "PHSA-2019-0255", "PHSA-2019-1.0-0255", "PHSA-2019-3.0-0036"]}, {"type": "redhatcve", "idList": ["RH:CVE-2019-17056"]}, {"type": "slackware", "idList": ["SSA-2019-311-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2392-1", "OPENSUSE-SU-2019:2444-1"]}, {"type": "ubuntu", "idList": ["USN-4184-1", "USN-4184-2", "USN-4185-1", "USN-4185-2", "USN-4185-3", "USN-4186-1", "USN-4186-2", "USN-4186-3"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-17056"]}]}, "score": {"value": 4.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "cloudfoundry", "idList": ["CFOUNDRY:A9246B54233F05FAAFEBCA42A471540D", "CFOUNDRY:F1FD906C8A4009015525A4BE5BA37775"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2068-1:83234"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-17056"]}, {"type": "fedora", "idList": ["FEDORA:04868606351B", "FEDORA:0B78D60E1FD1", "FEDORA:7800D60DF3BF", "FEDORA:7E825606351A", "FEDORA:AC5E86062CAB", "FEDORA:D9A2B60E1FCB"]}, {"type": "ibm", "idList": ["B68653AE8B3B701FAB183C54D344C9C2EE03602A2C7365EC7CF172320BA1AA2E"]}, {"type": "nessus", "idList": ["DEBIAN_DLA-2068.NASL", "EULEROS_SA-2019-2201.NASL", "EULEROS_SA-2019-2274.NASL", "EULEROS_SA-2020-1042.NASL", "FEDORA_2019-B1DE72B00B.NASL", "OPENSUSE-2019-2444.NASL", "SLACKWARE_SSA_2019-311-01.NASL", "SUSE_SU-2019-2946-1.NASL", "SUSE_SU-2019-2947-1.NASL", "SUSE_SU-2019-2949-1.NASL", "SUSE_SU-2019-2950-1.NASL", "SUSE_SU-2019-2953-1.NASL", "SUSE_SU-2019-2984-1.NASL", "SUSE_SU-2020-0093-1.NASL", "UBUNTU_USN-4184-1.NASL", "UBUNTU_USN-4184-2.NASL", "UBUNTU_USN-4185-1.NASL", "UBUNTU_USN-4185-3.NASL", "UBUNTU_USN-4186-1.NASL", "UBUNTU_USN-4186-3.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310844230", "OPENVAS:1361412562310844231", "OPENVAS:1361412562310844233", "OPENVAS:1361412562310844234", "OPENVAS:1361412562310844235", "OPENVAS:1361412562310844236", "OPENVAS:1361412562310852953", "OPENVAS:1361412562310876925", "OPENVAS:1361412562310876995", "OPENVAS:1361412562310876999", "OPENVAS:1361412562310877149", "OPENVAS:1361412562310877161", "OPENVAS:1361412562310877293", "OPENVAS:1361412562310892068"]}, {"type": "photon", "idList": ["PHSA-2019-0036", "PHSA-2019-0189"]}, {"type": "slackware", "idList": ["SSA-2019-311-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2392-1"]}, {"type": "ubuntu", "idList": ["USN-4184-1", "USN-4184-2", "USN-4185-1", "USN-4185-2", "USN-4185-3", "USN-4186-1", "USN-4186-2", "USN-4186-3"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-17056"]}]}, "exploitation": null, "affected_software": {"major_version": [{"name": "linux linux kernel", "version": 5}]}, "epss": [{"cve": "CVE-2019-17056", "epss": 0.0005, "percentile": 0.16987, "modified": "2023-05-06"}], "vulnersScore": 4.5}, "_state": {"dependencies": 1686668443, "score": 1686668798, "affected_software_major_version": 0, "epss": 0}, "_internal": {"score_hash": "ba1e487835daa5685ddbbe823233b44c"}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/o:linux:linux_kernel:5.3.2"], "cpe23": ["cpe:2.3:o:linux:linux_kernel:5.3.2:*:*:*:*:*:*:*"], "cwe": ["CWE-276"], "affectedSoftware": [{"cpeName": "linux:linux_kernel", "version": "5.3.2", "operator": "le", "name": "linux linux kernel"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.3.2:*:*:*:*:*:*:*", "versionEndIncluding": "5.3.2", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3a359798b176183ef09efb7a3dc59abad1cc7104", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3a359798b176183ef09efb7a3dc59abad1cc7104", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0edc3f703f7bcaf550774b5d43ab727bcd0fe06b", "refsource": "MISC", "tags": ["Patch", "Vendor Advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6JNEWGIK7QA24OIUUL67QZNJN52NB7T/", "name": "FEDORA-2019-41e28660ae", "refsource": "FEDORA", "tags": []}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.html", "name": "openSUSE-SU-2019:2392", "refsource": "SUSE", "tags": []}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html", "name": "openSUSE-SU-2019:2444", "refsource": "SUSE", "tags": []}, {"url": "https://seclists.org/bugtraq/2019/Nov/11", "name": "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)", "refsource": "BUGTRAQ", "tags": []}, {"url": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", "name": "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", "refsource": "MISC", "tags": []}, {"url": "https://usn.ubuntu.com/4184-1/", "name": "USN-4184-1", "refsource": "UBUNTU", "tags": []}, {"url": "https://usn.ubuntu.com/4185-1/", "name": "USN-4185-1", "refsource": "UBUNTU", "tags": []}, {"url": "https://usn.ubuntu.com/4186-1/", "name": "USN-4186-1", "refsource": "UBUNTU", "tags": []}, {"url": "https://usn.ubuntu.com/4185-2/", "name": "USN-4185-2", "refsource": "UBUNTU", "tags": []}, {"url": "https://usn.ubuntu.com/4186-2/", "name": "USN-4186-2", "refsource": "UBUNTU", "tags": []}, {"url": "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html", "name": "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update", "refsource": "MLIST", "tags": []}, {"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html", "name": "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update", "refsource": "MLIST", "tags": []}], "product_info": [{"vendor": "Linux", "product": "Linux_kernel"}], "solutions": [], "workarounds": [], "impacts": [], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "exploits": [], "assigned": "1976-01-01T00:00:00"}

{"redhatcve": [{"lastseen": "2023-06-13T14:58:33", "description": "llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-04-02T09:00:48", "type": "redhatcve", "title": "CVE-2019-17056", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17056"], "modified": "2023-04-06T05:59:15", "id": "RH:CVE-2019-17056", "href": "https://access.redhat.com/security/cve/cve-2019-17056", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}], "debiancve": [{"lastseen": "2023-06-13T18:12:02", "description": "llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-10-01T14:15:00", "type": "debiancve", "title": "CVE-2019-17056", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17056"], "modified": "2019-10-01T14:15:00", "id": "DEBIANCVE:CVE-2019-17056", "href": "https://security-tracker.debian.org/tracker/CVE-2019-17056", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}], "ubuntucve": [{"lastseen": "2023-08-09T18:35:28", "description": "llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the\nLinux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that\nunprivileged users can create a raw socket, aka CID-3a359798b176.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2019-10-01T00:00:00", "type": "ubuntucve", "title": "CVE-2019-17056", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17056"], "modified": "2019-10-01T00:00:00", "id": "UB:CVE-2019-17056", "href": "https://ubuntu.com/security/CVE-2019-17056", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}], "fedora": [{"lastseen": "2021-07-28T14:46:51", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 3.3, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2019-10-08T00:30:43", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: kernel-5.3.4-300.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056"], "modified": "2019-10-08T00:30:43", "id": "FEDORA:7800D60DF3BF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LCEAHKC4BK6TPXXMRPE36RL6KMJVUVWL/", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T14:46:51", "description": "This package contains the tools/ directory from the kernel source and the supporting documentation. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 3.3, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2019-10-08T00:30:44", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: kernel-tools-5.3.4-300.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056"], "modified": "2019-10-08T00:30:44", "id": "FEDORA:0B78D60E1FD1", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ILQ4RUZFRR65OIVJELZHCQ4GASLR4CAM/", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 3.3, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2019-10-08T00:30:43", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: kernel-headers-5.3.4-300.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056"], "modified": "2019-10-08T00:30:43", "id": "FEDORA:D9A2B60E1FCB", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/35IDKBA5CECZUXUH5RPU6HL2MIXDEAQC/", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 3.3, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2019-10-25T18:09:35", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-headers-5.3.6-100.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056"], "modified": "2019-10-25T18:09:35", "id": "FEDORA:7E825606351A", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/U6JNEWGIK7QA24OIUUL67QZNJN52NB7T/", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T14:46:51", "description": "This package contains the tools/ directory from the kernel source and the supporting documentation. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 3.3, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2019-10-25T18:09:35", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-tools-5.3.6-100.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056"], "modified": "2019-10-25T18:09:35", "id": "FEDORA:AC5E86062CAB", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PBAPFQ6IKKVACVBYEEFXGOHYUHVNLO3M/", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-11-27T10:47:49", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-25T18:09:34", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-5.3.6-100.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2018-16862", "CVE-2018-16880", "CVE-2018-19407", "CVE-2018-19824", "CVE-2019-10126", "CVE-2019-11091", "CVE-2019-11477", "CVE-2019-11478", "CVE-2019-11479", "CVE-2019-11833", "CVE-2019-11884", "CVE-2019-12378", "CVE-2019-12379", "CVE-2019-12380", "CVE-2019-12381", "CVE-2019-12382", "CVE-2019-12454", "CVE-2019-12455", "CVE-2019-12456", "CVE-2019-12614", "CVE-2019-12817", "CVE-2019-13631", "CVE-2019-14814", "CVE-2019-14815", "CVE-2019-14816", "CVE-2019-14821", "CVE-2019-15504", "CVE-2019-15505", "CVE-2019-15538", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-3846", "CVE-2019-3882", "CVE-2019-3900", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912", "CVE-2019-8980", "CVE-2019-9500", "CVE-2019-9503", "CVE-2019-9857"], "modified": "2019-10-25T18:09:34", "id": "FEDORA:04868606351B", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7OQRYOJ367BYNOXYMBEMNEJQCGGW2EC7/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-01-14T14:48:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-headers FEDORA-2019-b1de72b00b", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-17055", "CVE-2019-17054", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17056"], "modified": "2020-01-13T00:00:00", "id": "OPENVAS:1361412562310877149", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877149", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877149\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2019-17056\", \"CVE-2019-17055\", \"CVE-2019-17054\", \"CVE-2019-17053\", \"CVE-2019-17052\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 07:28:44 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"Fedora Update for kernel-headers FEDORA-2019-b1de72b00b\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2019-b1de72b00b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35IDKBA5CECZUXUH5RPU6HL2MIXDEAQC\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-headers'\n package(s) announced via the FEDORA-2019-b1de72b00b advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Kernel-headers includes the C header files that specify the interface\nbetween the Linux kernel and userspace libraries and programs. The\nheader files define structures and constants that are needed for\nbuilding most standard programs and are also needed for rebuilding the\nglibc package.\");\n\n script_tag(name:\"affected\", value:\"'kernel-headers' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~5.3.4~300.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-11-06T12:10:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-26T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-tools FEDORA-2019-41e28660ae", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-17055", "CVE-2019-17054", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17056"], "modified": "2019-10-30T00:00:00", "id": "OPENVAS:1361412562310876930", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876930", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876930\");\n script_version(\"2019-10-30T10:03:24+0000\");\n script_cve_id(\"CVE-2019-17056\", \"CVE-2019-17055\", \"CVE-2019-17054\", \"CVE-2019-17053\", \"CVE-2019-17052\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-10-30 10:03:24 +0000 (Wed, 30 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-26 02:26:58 +0000 (Sat, 26 Oct 2019)\");\n script_name(\"Fedora Update for kernel-tools FEDORA-2019-41e28660ae\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-41e28660ae\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBAPFQ6IKKVACVBYEEFXGOHYUHVNLO3M\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-tools'\n package(s) announced via the FEDORA-2019-41e28660ae advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the tools/ directory from the kernel source\nand the supporting documentation.\");\n\n script_tag(name:\"affected\", value:\"'kernel-tools' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~5.3.6~100.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-14T14:49:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-tools FEDORA-2019-b1de72b00b", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-17055", "CVE-2019-17054", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17056"], "modified": "2020-01-13T00:00:00", "id": "OPENVAS:1361412562310877161", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877161", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877161\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2019-17056\", \"CVE-2019-17055\", \"CVE-2019-17054\", \"CVE-2019-17053\", \"CVE-2019-17052\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 07:29:04 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"Fedora Update for kernel-tools FEDORA-2019-b1de72b00b\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2019-b1de72b00b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ILQ4RUZFRR65OIVJELZHCQ4GASLR4CAM\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-tools'\n package(s) announced via the FEDORA-2019-b1de72b00b advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the tools/ directory from the kernel source\nand the supporting documentation.\");\n\n script_tag(name:\"affected\", value:\"'kernel-tools' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~5.3.4~300.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-14T14:48:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-b1de72b00b", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-17055", "CVE-2019-17054", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17056"], "modified": "2020-01-13T00:00:00", "id": "OPENVAS:1361412562310877293", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877293", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877293\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2019-17056\", \"CVE-2019-17055\", \"CVE-2019-17054\", \"CVE-2019-17053\", \"CVE-2019-17052\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 07:36:32 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-b1de72b00b\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2019-b1de72b00b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCEAHKC4BK6TPXXMRPE36RL6KMJVUVWL\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-b1de72b00b advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.3.4~300.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-11-06T12:10:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-26T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-headers FEDORA-2019-41e28660ae", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-17055", "CVE-2019-17054", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17056"], "modified": "2019-10-30T00:00:00", "id": "OPENVAS:1361412562310876939", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876939", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876939\");\n script_version(\"2019-10-30T10:03:24+0000\");\n script_cve_id(\"CVE-2019-17056\", \"CVE-2019-17055\", \"CVE-2019-17054\", \"CVE-2019-17053\", \"CVE-2019-17052\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2019-10-30 10:03:24 +0000 (Wed, 30 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-26 02:27:38 +0000 (Sat, 26 Oct 2019)\");\n script_name(\"Fedora Update for kernel-headers FEDORA-2019-41e28660ae\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-41e28660ae\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6JNEWGIK7QA24OIUUL67QZNJN52NB7T\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-headers'\n package(s) announced via the FEDORA-2019-41e28660ae advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Kernel-headers includes the C header files that specify the interface\nbetween the Linux kernel and userspace libraries and programs. The\nheader files define structures and constants that are needed for\nbuilding most standard programs and are also needed for rebuilding the\nglibc package.\");\n\n script_tag(name:\"affected\", value:\"'kernel-headers' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~5.3.6~100.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-31T16:48:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-28T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for the Linux Kernel (openSUSE-SU-2019:2392-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-17666", "CVE-2019-16232", "CVE-2019-16234", "CVE-2019-17133", "CVE-2019-17056"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852750", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852750", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852750\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-16232\", \"CVE-2019-16234\", \"CVE-2019-17056\", \"CVE-2019-17133\", \"CVE-2019-17666\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-10-28 03:00:45 +0000 (Mon, 28 Oct 2019)\");\n script_name(\"openSUSE: Security Advisory for the Linux Kernel (openSUSE-SU-2019:2392-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2392-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00064.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Linux Kernel'\n package(s) announced via the openSUSE-SU-2019:2392-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 15.0 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2019-17666: rtl_p2p_noa_ie in\n drivers/net/wireless/realtek/rtlwifi/ps.c lacked a certain upper-bound\n check, leading to a buffer overflow (bnc#1154372).\n\n - CVE-2019-16232: drivers/net/wireless/marvell/libertas/if_sdio.c did not\n check the alloc_workqueue return value, leading to a NULL pointer\n dereference (bnc#1150465).\n\n - CVE-2019-16234: drivers/net/wireless/intel/iwlwifi/pcie/trans.c did not\n check the alloc_workqueue return value, leading to a NULL pointer\n dereference (bnc#1150452).\n\n - CVE-2019-17133: cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c\n did not reject a long SSID IE, leading to a Buffer Overflow\n (bnc#1153158).\n\n - CVE-2019-17056: llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC\n network module did not enforce CAP_NET_RAW, which means that\n unprivileged users can create a raw socket, aka CID-3a359798b176\n (bnc#1152788).\n\n The following non-security bugs were fixed:\n\n - 9p: avoid attaching writeback_fid on mmap with type PRIVATE\n (bsc#1051510).\n\n - ACPI / CPPC: do not require the _PSD method (bsc#1051510).\n\n - ACPI: CPPC: Set pcc_data[pcc_ss_id] to NULL in\n acpi_cppc_processor_exit() (bsc#1051510).\n\n - ACPI / processor: do not print errors for processorIDs == 0xff\n (bsc#1051510).\n\n - act_mirred: Fix mirred_init_module error handling (bsc#1051510).\n\n - Add kernel module compression support (bsc#1135854) For enabling the\n kernel module compress, add the item COMPRESS_MODULES='xz' in config.sh,\n then mkspec will pass it to the spec file.\n\n - ALSA: hda - Add laptop imic fixup for ASUS M9V laptop (bsc#1051510).\n\n - ALSA: hda: Add support of Zhaoxin controller (bsc#1051510).\n\n - ALSA: hda - Apply AMD controller workaround for Raven platform\n (bsc#1051510).\n\n - ALSA: hda - Define a fallback_pin_fixup_tbl for alc269 family\n (bsc#1051510).\n\n - ALSA: hda - Drop unsol event handler for Intel HDMI codecs (bsc#1051510).\n\n - ALSA: hda - Expand pin_match function to match upcoming new tbls\n (bsc#1051510).\n\n - ALSA: hda: Flush interrupts on disabling (bsc#1051510).\n\n - ALSA: hda/hdmi: remove redundant assignment to variable pcm_idx\n (bsc#1051510).\n\n - ALSA: hda - Inform too slow responses (bsc#1051510).\n\n - ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93\n (bsc#1051510).\n\n - ALSA: hda/realtek - Check beep whitelist before assigning in all codecs\n (bsc#1051510).\n\n - ALSA: hda/realtek - Fix alienware headset mic (bsc#1051510).\n\n - ALSA: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'the' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel-debuginfo\", rpm:\"kernel-default-devel-debuginfo~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall\", rpm:\"kernel-kvmsmall~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base\", rpm:\"kernel-kvmsmall-base~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base-debuginfo\", rpm:\"kernel-kvmsmall-base-debuginfo~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debuginfo\", rpm:\"kernel-kvmsmall-debuginfo~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debugsource\", rpm:\"kernel-kvmsmall-debugsource~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel\", rpm:\"kernel-kvmsmall-devel~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel-debuginfo\", rpm:\"kernel-kvmsmall-devel-debuginfo~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel-debuginfo\", rpm:\"kernel-vanilla-devel-debuginfo~4.12.14~lp150.12.79.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T16:29:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for the Linux Kernel (openSUSE-SU-2019:2444-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16995", "CVE-2019-17666", "CVE-2019-16233", "CVE-2019-16232", "CVE-2019-16234", "CVE-2019-17133", "CVE-2019-17056"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852953", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852953", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852953\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-16232\", \"CVE-2019-16233\", \"CVE-2019-16234\", \"CVE-2019-16995\",\n \"CVE-2019-17056\", \"CVE-2019-17133\", \"CVE-2019-17666\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:47:27 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for the Linux Kernel (openSUSE-SU-2019:2444-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2444-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-11/msg00010.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Linux Kernel'\n package(s) announced via the openSUSE-SU-2019:2444-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 15.1 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2019-16995: A memory leak exits in hsr_dev_finalize() in\n net/hsr/hsr_device.c. if hsr_add_port fails to add a port, which may\n cause denial of service, aka CID-6caabe7f197d (bnc#1152685).\n\n - CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the\n alloc_workqueue return value, leading to a NULL pointer dereference\n (bnc#1150457).\n\n - CVE-2019-17666: rtl_p2p_noa_ie in\n drivers/net/wireless/realtek/rtlwifi/ps.c lacked a certain upper-bound\n check, leading to a buffer overflow (bnc#1154372).\n\n - CVE-2019-16232: drivers/net/wireless/marvell/libertas/if_sdio.c did not\n check the alloc_workqueue return value, leading to a NULL pointer\n dereference (bnc#1150465).\n\n - CVE-2019-16234: drivers/net/wireless/intel/iwlwifi/pcie/trans.c did not\n check the alloc_workqueue return value, leading to a NULL pointer\n dereference (bnc#1150452).\n\n - CVE-2019-17133: cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c\n did not reject a long SSID IE, leading to a Buffer Overflow\n (bnc#1153158).\n\n - CVE-2019-17056: llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC\n network module did not enforce CAP_NET_RAW, which means that\n unprivileged users can create a raw socket, aka CID-3a359798b176\n (bnc#1152788).\n\n The following non-security bugs were fixed:\n\n - 9p: avoid attaching writeback_fid on mmap with type PRIVATE\n (bsc#1051510).\n\n - ACPI / CPPC: do not require the _PSD method (bsc#1051510).\n\n - ACPI: CPPC: Set pcc_data[pcc_ss_id] to NULL in\n acpi_cppc_processor_exit() (bsc#1051510).\n\n - ACPI / processor: do not print errors for processorIDs == 0xff\n (bsc#1051510).\n\n - act_mirred: Fix mirred_init_module error handling (bsc#1051510).\n\n - Add Acer Aspire Ethos 8951G model quirk (bsc#1051510).\n\n - Add kernel module compression support (bsc#1135854)\n\n - ALSA: hda - Add a quirk model for fixing Huawei Matebook X right speaker\n (bsc#1051510).\n\n - ALSA: hda: Add Elkhart Lake PCI ID (bsc#1051510).\n\n - ALSA: hda - Add laptop imic fixup for ASUS M9V laptop (bsc#1051510).\n\n - ALSA: hda: Add support of Zhaoxin controller (bsc#1051510).\n\n - ALSA: hda: Add Tigerlake/Jasperlake PCI ID (bsc#1051510).\n\n - ALSA: hda - Apply AMD controller workaround for Raven platform\n (bsc#1051510).\n\n - ALSA: hda - Define a fallback_pin_fixup_tbl for alc269 family\n (bsc#1051510).\n\n - ALSA: hda - Drop unsol event handler for Intel HDMI codecs (bsc#1051510).\n\n - ALSA: hda - Expand pin_match function to match upcoming new tbls\n (bsc#1051510).\n\n - ALSA: hda: Flush interrupts on ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'the' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel-debuginfo\", rpm:\"kernel-default-devel-debuginfo~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall\", rpm:\"kernel-kvmsmall~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base\", rpm:\"kernel-kvmsmall-base~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base-debuginfo\", rpm:\"kernel-kvmsmall-base-debuginfo~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debuginfo\", rpm:\"kernel-kvmsmall-debuginfo~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debugsource\", rpm:\"kernel-kvmsmall-debugsource~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel\", rpm:\"kernel-kvmsmall-devel~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel-debuginfo\", rpm:\"kernel-kvmsmall-devel-debuginfo~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel-debuginfo\", rpm:\"kernel-vanilla-devel-debuginfo~4.12.14~lp151.28.25.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-29T15:46:48", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-11-13T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-4185-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15098", "CVE-2019-17666", "CVE-2019-17055", "CVE-2019-0155", "CVE-2019-17054", "CVE-2018-12207", "CVE-2019-11135", "CVE-2019-0154", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17056"], "modified": "2019-11-29T00:00:00", "id": "OPENVAS:1361412562310844230", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844230", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844230\");\n script_version(\"2019-11-29T08:04:17+0000\");\n script_cve_id(\"CVE-2019-11135\", \"CVE-2019-0155\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-15098\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-11-29 08:04:17 +0000 (Fri, 29 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-11-13 03:00:52 +0000 (Wed, 13 Nov 2019)\");\n script_name(\"Ubuntu Update for linux USN-4185-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4185-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-November/005196.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4185-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Stephan van Schaik, Alyssa Milburn, Sebastian \u00d6sterlund, Pietro Frigo,\nKaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz\nLipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel\nprocessors using Transactional Synchronization Extensions (TSX) could\nexpose memory contents previously stored in microarchitectural buffers to a\nmalicious process that is executing on the same CPU core. A local attacker\ncould use this to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed userspace\nto modify page table entries via writes to MMIO from the Blitter Command\nStreamer and expose kernel memory information. A local attacker could use\nthis to expose sensitive information or possibly elevate privileges.\n(CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux kernel\ndid not properly perform invalidation on page table updates by virtual\nguest operating systems. A local attacker in a guest VM could use this to\ncause a denial of service (host system crash). (CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a\nsystem hang when userspace performed a read from GT memory mapped input\noutput (MMIO) when the product is in certain low power states. A local\nattacker could use this to cause a denial of service. (CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the\nLinux kernel did not properly validate endpoint descriptors returned by the\ndevice. A physically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-15098)\n\nOri Nimron discovered that the AX25 network protocol implementation in the\nLinux kernel did not properly perform permissions checks. A local attacker\ncould use this to create a raw socket. (CVE-2019-17052)\n\nOri Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network\nprotocol implementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw socket.\n(CVE-2019-17053)\n\nOri Nimron discovered that the Appletalk network protocol implementation in\nthe Linux kernel did not properly perform permissions checks. A local\nattacker could use this to create a raw socket. (CVE-2019-17054)\n\nOri Nimron discovered that the modular ISDN network protocol implementation\nin the Linux kernel did not properly perform permissions checks. A local\nattacker could use this to create a raw socket. (CVE-2019-17055)\n\nOri Nimron discovered that the Near field Communication (NFC) network\nprotocol implementation in ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1029-oracle\", ver:\"4.15.0-1029.32\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1048-gke\", ver:\"4.15.0-1048.51\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1050-kvm\", ver:\"4.15.0-1050.50\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1054-aws\", ver:\"4.15.0-1054.56\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1063-oem\", ver:\"4.15.0-1063.72\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-69-generic\", ver:\"4.15.0-69.78\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-69-generic-lpae\", ver:\"4.15.0-69.78\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-69-lowlatency\", ver:\"4.15.0-69.78\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.15.0.1054.55\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-lts-18.04\", ver:\"4.15.0.1054.55\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.15.0.69.71\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.15.0.69.71\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1048.51\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-4.15\", ver:\"4.15.0.1048.51\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"4.15.0.1050.50\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.15.0.69.71\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.1063.67\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"4.15.0.1029.34\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle-lts-18.04\", ver:\"4.15.0.1029.34\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.15.0.69.71\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.15.0.69.71\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.15.0.69.71\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.15.0.69.71\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.15.0.69.71\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1029-oracle\", ver:\"4.15.0-1029.32~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1049-gcp\", ver:\"4.15.0-1049.52\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1054-aws\", ver:\"4.15.0-1054.56~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1063-azure\", ver:\"4.15.0-1063.68\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-69-generic\", ver:\"4.15.0-69.78~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-69-generic-lpae\", ver:\"4.15.0-69.78~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-69-lowlatency\", ver:\"4.15.0-69.78~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws-hwe\", ver:\"4.15.0.1054.54\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"4.15.0.1063.66\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"4.15.0.1049.63\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.15.0.69.89\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.15.0.69.89\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1049.63\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.15.0.69.89\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.69.89\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"4.15.0.1029.22\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-16.04\", ver:\"4.15.0.69.89\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"Please\", ver:\"note that mitigating the TSX (CVE-2019-11135) and i915\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"firmware\", ver:\"updates respectively.\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-29T15:46:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-11-14T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-4185-3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15098", "CVE-2019-17666", "CVE-2019-17055", "CVE-2019-0155", "CVE-2019-17054", "CVE-2018-12207", "CVE-2019-11135", "CVE-2019-0154", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17056"], "modified": "2019-11-29T00:00:00", "id": "OPENVAS:1361412562310844234", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844234", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844234\");\n script_version(\"2019-11-29T08:04:17+0000\");\n script_cve_id(\"CVE-2019-0155\", \"CVE-2019-11135\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-15098\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-11-29 08:04:17 +0000 (Fri, 29 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-11-14 03:01:20 +0000 (Thu, 14 Nov 2019)\");\n script_name(\"Ubuntu Update for linux USN-4185-3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4185-3\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-November/005206.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4185-3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"USN-4185-1 fixed vulnerabilities in the Linux kernel. It was discovered\nthat the kernel fix for CVE-2019-0155 (i915 missing Blitter Command\nStreamer check) was incomplete on 64-bit Intel x86 systems. Also, the\nupdate introduced a regression that broke KVM guests where extended\npage tables (EPT) are disabled or not supported. This update addresses\nboth issues.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nStephan van Schaik, Alyssa Milburn, Sebastian \u00d6sterlund, Pietro Frigo,\nKaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz\nLipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel\nprocessors using Transactional Synchronization Extensions (TSX) could\nexpose memory contents previously stored in microarchitectural buffers to a\nmalicious process that is executing on the same CPU core. A local attacker\ncould use this to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed userspace\nto modify page table entries via writes to MMIO from the Blitter Command\nStreamer and expose kernel memory information. A local attacker could use\nthis to expose sensitive information or possibly elevate privileges.\n(CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux kernel\ndid not properly perform invalidation on page table updates by virtual\nguest operating systems. A local attacker in a guest VM could use this to\ncause a denial of service (host system crash). (CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a\nsystem hang when userspace performed a read from GT memory mapped input\noutput (MMIO) when the product is in certain low power states. A local\nattacker could use this to cause a denial of service. (CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the\nLinux kernel did not properly validate endpoint descriptors returned by the\ndevice. A physically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-15098)\n\nOri Nimron discovered that the AX25 network protocol implementation in the\nLinux kernel did not properly perform permissions checks. A local attacker\ncould use this to create a raw socket. (CVE-2019-17052)\n\nOri Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network\nprotocol implementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw socket.\n(CVE-2019-17053)\n\nOri Nimron discovered that the Appletalk network protocol implementation in\nthe Linux kernel di ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-1064-oem\", ver:\"4.15.0-1064.73\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-70-generic\", ver:\"4.15.0-70.79\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-70-generic-lpae\", ver:\"4.15.0-70.79\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-70-lowlatency\", ver:\"4.15.0-70.79\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.15.0.70.72\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.15.0.70.72\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.15.0.70.72\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.1064.68\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.15.0.70.72\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-70-generic\", ver:\"4.15.0-70.79~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-70-generic-lpae\", ver:\"4.15.0-70.79~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.15.0-70-lowlatency\", ver:\"4.15.0-70.79~16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.15.0.70.90\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.15.0.70.90\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.15.0.70.90\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.70.90\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-16.04\", ver:\"4.15.0.70.90\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"Please\", ver:\"note that mitigating the TSX (CVE-2019-11135) and i915\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"firmware\", ver:\"updates respectively.\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-29T15:45:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-11-13T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-4186-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15098", "CVE-2019-17666", "CVE-2019-17055", "CVE-2019-0155", "CVE-2019-17054", "CVE-2018-12207", "CVE-2019-11135", "CVE-2019-16746", "CVE-2019-0154", "CVE-2019-17052", "CVE-2019-2215", "CVE-2019-17053", "CVE-2019-17056"], "modified": "2019-11-29T00:00:00", "id": "OPENVAS:1361412562310844231", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844231", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844231\");\n script_version(\"2019-11-29T08:04:17+0000\");\n script_cve_id(\"CVE-2019-11135\", \"CVE-2019-0155\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-15098\", \"CVE-2019-16746\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\", \"CVE-2019-2215\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-11-29 08:04:17 +0000 (Fri, 29 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-11-13 03:01:00 +0000 (Wed, 13 Nov 2019)\");\n script_name(\"Ubuntu Update for linux USN-4186-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4186-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-November/005197.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4186-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Stephan van Schaik, Alyssa Milburn, Sebastian \u00d6sterlund, Pietro Frigo,\nKaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz\nLipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel\nprocessors using Transactional Synchronization Extensions (TSX) could\nexpose memory contents previously stored in microarchitectural buffers to a\nmalicious process that is executing on the same CPU core. A local attacker\ncould use this to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed userspace\nto modify page table entries via writes to MMIO from the Blitter Command\nStreamer and expose kernel memory information. A local attacker could use\nthis to expose sensitive information or possibly elevate privileges.\n(CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux kernel\ndid not properly perform invalidation on page table updates by virtual\nguest operating systems. A local attacker in a guest VM could use this to\ncause a denial of service (host system crash). (CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a\nsystem hang when userspace performed a read from GT memory mapped input\noutput (MMIO) when the product is in certain low power states. A local\nattacker could use this to cause a denial of service. (CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the\nLinux kernel did not properly validate endpoint descriptors returned by the\ndevice. A physically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-15098)\n\nIt was discovered that a buffer overflow existed in the 802.11 Wi-Fi\nconfiguration interface for the Linux kernel when handling beacon settings.\nA local attacker could use this to cause a denial of service (system crash)\nor possibly execute arbitrary code. (CVE-2019-16746)\n\nOri Nimron discovered that the AX25 network protocol implementation in the\nLinux kernel did not properly perform permissions checks. A local attacker\ncould use this to create a raw socket. (CVE-2019-17052)\n\nOri Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network\nprotocol implementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw socket.\n(CVE-2019-17053)\n\nOri Nimron discovered that the Appletalk network protocol implementation in\nthe Linux kernel did not properly perform permissions checks. A local\nattacker could use this to create a raw socket. (CVE-2019-17054)\n\nOri Nimron discovered that the modular ISDN network pr ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1062-kvm\", ver:\"4.4.0-1062.69\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-1098-aws\", ver:\"4.4.0-1098.109\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-168-generic\", ver:\"4.4.0-168.197\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-168-generic-lpae\", ver:\"4.4.0-168.197\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-168-lowlatency\", ver:\"4.4.0-168.197\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-168-powerpc-e500mc\", ver:\"4.4.0-168.197\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-168-powerpc-smp\", ver:\"4.4.0-168.197\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-168-powerpc64-emb\", ver:\"4.4.0-168.197\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-168-powerpc64-smp\", ver:\"4.4.0-168.197\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.4.0.1098.102\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.4.0.168.176\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.4.0.168.176\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"4.4.0.1062.62\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.4.0.168.176\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.4.0.168.176\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.4.0.168.176\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.4.0.168.176\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.4.0.168.176\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.4.0.168.176\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"Please\", ver:\"note that mitigating the TSX (CVE-2019-11135) and i915\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"firmware\", ver:\"updates respectively.\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-29T15:44:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-11-14T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-4186-3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15098", "CVE-2019-17666", "CVE-2019-17055", "CVE-2019-0155", "CVE-2019-17054", "CVE-2018-12207", "CVE-2019-11135", "CVE-2019-16746", "CVE-2019-0154", "CVE-2019-17052", "CVE-2019-2215", "CVE-2019-17053", "CVE-2019-17056"], "modified": "2019-11-29T00:00:00", "id": "OPENVAS:1361412562310844236", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844236", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844236\");\n script_version(\"2019-11-29T08:04:17+0000\");\n script_cve_id(\"CVE-2019-0155\", \"CVE-2019-11135\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-15098\", \"CVE-2019-16746\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\", \"CVE-2019-2215\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-11-29 08:04:17 +0000 (Fri, 29 Nov 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-11-14 03:01:39 +0000 (Thu, 14 Nov 2019)\");\n script_name(\"Ubuntu Update for linux USN-4186-3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4186-3\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-November/005207.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4186-3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"USN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered\nthat the kernel fix for CVE-2019-0155 (i915 missing Blitter Command\nStreamer check) was incomplete on 64-bit Intel x86 systems. This\nupdate addresses the issue.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nStephan van Schaik, Alyssa Milburn, Sebastian \u00d6sterlund, Pietro Frigo,\nKaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz\nLipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel\nprocessors using Transactional Synchronization Extensions (TSX) could\nexpose memory contents previously stored in microarchitectural buffers to a\nmalicious process that is executing on the same CPU core. A local attacker\ncould use this to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed userspace\nto modify page table entries via writes to MMIO from the Blitter Command\nStreamer and expose kernel memory information. A local attacker could use\nthis to expose sensitive information or possibly elevate privileges.\n(CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux kernel\ndid not properly perform invalidation on page table updates by virtual\nguest operating systems. A local attacker in a guest VM could use this to\ncause a denial of service (host system crash). (CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a\nsystem hang when userspace performed a read from GT memory mapped input\noutput (MMIO) when the product is in certain low power states. A local\nattacker could use this to cause a denial of service. (CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the\nLinux kernel did not properly validate endpoint descriptors returned by the\ndevice. A physically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-15098)\n\nIt was discovered that a buffer overflow existed in the 802.11 Wi-Fi\nconfiguration interface for the Linux kernel when handling beacon settings.\nA local attacker could use this to cause a denial of service (system crash)\nor possibly execute arbitrary code. (CVE-2019-16746)\n\nOri Nimron discovered that the AX25 network protocol implementation in the\nLinux kernel did not properly perform permissions checks. A local attacker\ncould use this to create a raw socket. (CVE-2019-17052)\n\nOri Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network\nprotocol implementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-169-generic\", ver:\"4.4.0-169.198\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-169-generic-lpae\", ver:\"4.4.0-169.198\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.4.0-169-lowlatency\", ver:\"4.4.0-169.198\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.4.0.169.177\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.4.0.169.177\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.4.0.169.177\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"4.4.0.169.177\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"Please\", ver:\"note that mitigating the TSX (CVE-2019-11135) and i915\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"firmware\", ver:\"updates respectively.\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-08T09:46:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-11-13T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-4184-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15098", "CVE-2019-17666", "CVE-2019-17055", "CVE-2019-0155", "CVE-2019-17054", "CVE-2018-12207", "CVE-2019-11135", "CVE-2019-15792", "CVE-2019-15793", "CVE-2019-0154", "CVE-2019-17052", "CVE-2019-15791", "CVE-2019-17053", "CVE-2019-17056"], "modified": "2020-05-05T00:00:00", "id": "OPENVAS:1361412562310844233", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844233", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844233\");\n script_version(\"2020-05-05T07:00:07+0000\");\n script_cve_id(\"CVE-2019-11135\", \"CVE-2019-0155\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-15098\", \"CVE-2019-15791\", \"CVE-2019-15792\", \"CVE-2019-15793\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-05-05 07:00:07 +0000 (Tue, 05 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-11-13 03:01:11 +0000 (Wed, 13 Nov 2019)\");\n script_name(\"Ubuntu Update for linux USN-4184-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU19\\.04)\");\n\n script_xref(name:\"USN\", value:\"4184-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-November/005195.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4184-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Stephan van Schaik, Alyssa Milburn, Sebastian \u00d6sterlund, Pietro Frigo,\nKaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz\nLipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel\nprocessors using Transactional Synchronization Extensions (TSX) could\nexpose memory contents previously stored in microarchitectural buffers to a\nmalicious process that is executing on the same CPU core. A local attacker\ncould use this to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed userspace\nto modify page table entries via writes to MMIO from the Blitter Command\nStreamer and expose kernel memory information. A local attacker could use\nthis to expose sensitive information or possibly elevate privileges.\n(CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux kernel\ndid not properly perform invalidation on page table updates by virtual\nguest operating systems. A local attacker in a guest VM could use this to\ncause a denial of service (host system crash). (CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a\nsystem hang when userspace performed a read from GT memory mapped input\noutput (MMIO) when the product is in certain low power states. A local\nattacker could use this to cause a denial of service. (CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the\nLinux kernel did not properly validate endpoint descriptors returned by the\ndevice. A physically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-15098)\n\nJann Horn discovered a reference count underflow in the shiftfs\nimplementation in the Linux kernel. A local attacker could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2019-15791)\n\nJann Horn discovered a type confusion vulnerability in the shiftfs\nimplementation in the Linux kernel. A local attacker could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2019-15792)\n\nJann Horn discovered that the shiftfs implementation in the Linux kernel\ndid not use the correct file system uid/gid when the user namespace of a\nlower file system is not in the init user namespace. A local attacker could\nuse this to possibly bypass DAC permissions or have some other unspecified\nimpact. (CVE-2019-15793)\n\nOri Nimron discovered that the AX25 network protocol implementation in the\nLinux kernel did not properly perform permissions checks. A local attacker\ncould use this to create a raw s ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 19.04, Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1025-azure\", ver:\"5.0.0-1025.27~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1025-gcp\", ver:\"5.0.0-1025.26~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1025-gke\", ver:\"5.0.0-1025.26~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1027-oem-osp1\", ver:\"5.0.0-1027.31\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-35-generic\", ver:\"5.0.0-35.38~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-35-generic-lpae\", ver:\"5.0.0-35.38~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-35-lowlatency\", ver:\"5.0.0-35.38~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"5.0.0.1025.36\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"5.0.0.1025.29\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-18.04\", ver:\"5.0.0.35.93\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-18.04\", ver:\"5.0.0.35.93\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke-5.0\", ver:\"5.0.0.1025.14\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-18.04\", ver:\"5.0.0.35.93\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem-osp1\", ver:\"5.0.0.1027.31\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-snapdragon-hwe-18.04\", ver:\"5.0.0.35.93\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-18.04\", ver:\"5.0.0.35.93\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"Please\", ver:\"note that mitigating the TSX (CVE-2019-11135) and i915\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"firmware\", ver:\"updates respectively.\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.04\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1007-oracle\", ver:\"5.0.0-1007.12\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1021-aws\", ver:\"5.0.0-1021.24\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1022-kvm\", ver:\"5.0.0-1022.24\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1022-raspi2\", ver:\"5.0.0-1022.23\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1025-azure\", ver:\"5.0.0-1025.27\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1025-gcp\", ver:\"5.0.0-1025.26\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-35-generic\", ver:\"5.0.0-35.38\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-35-generic-lpae\", ver:\"5.0.0-35.38\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-35-lowlatency\", ver:\"5.0.0-35.38\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"5.0.0.1021.23\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"5.0.0.1025.25\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"5.0.0.1025.50\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"5.0.0.35.37\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"5.0.0.35.37\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"5.0.0.1025.50\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"5.0.0.1022.23\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"5.0.0.35.37\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oracle\", ver:\"5.0.0.1007.33\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"5.0.0.1022.20\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"5.0.0.35.37\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:35:54", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2283)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0136", "CVE-2019-17666", "CVE-2019-18809", "CVE-2019-17055", "CVE-2019-17054", "CVE-2019-18806", "CVE-2019-18813", "CVE-2019-17075", "CVE-2019-16746", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-16234", "CVE-2019-17133", "CVE-2019-17056"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192283", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192283", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2283\");\n script_version(\"2020-01-23T12:45:16+0000\");\n script_cve_id(\"CVE-2019-0136\", \"CVE-2019-16234\", \"CVE-2019-16746\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17075\", \"CVE-2019-17133\", \"CVE-2019-17666\", \"CVE-2019-18806\", \"CVE-2019-18809\", \"CVE-2019-18813\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:45:16 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:45:16 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2283)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2283\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2283\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-2283 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559.(CVE-2019-18809)\n\nA memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8.(CVE-2019-18813)\n\nA memory leak in the ql_alloc_large_buffers() function in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux kernel before 5.3.5 allows local users to cause a denial of service (memory consumption) by triggering pci_dma_mapping_error() failures, aka CID-1acb8f2a7a9f.(CVE-2019-18806)\n\ndrivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.(CVE-2019-16234)\n\nInsufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access.(CVE-2019-0136)\n\nAn issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.(CVE-2019-16746)\n\nIn the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.(CVE-2019-17133)\n\nrtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.(CVE-2019-17666)\n\nAn issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. The cxgb4 driver is directly calling dma_map_single (a DMA function) from a stack variable. This could allow an attacker to trigger a Denial of Service, exploitable if this driver is used on an architecture for which this stack/DMA interaction has security relevance.(CVE-2019-17075)\n\nax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.(CVE-2019-17052)\n\nieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.(CVE-2019-17053)\n\natalk_create in net/appletalk/ddp ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bpftool\", rpm:\"bpftool~4.19.36~vhulk1907.1.0.h529.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.36~vhulk1907.1.0.h529.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.36~vhulk1907.1.0.h529.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.36~vhulk1907.1.0.h529.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.19.36~vhulk1907.1.0.h529.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.36~vhulk1907.1.0.h529.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.36~vhulk1907.1.0.h529.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.36~vhulk1907.1.0.h529.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.36~vhulk1907.1.0.h529.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-perf\", rpm:\"python3-perf~4.19.36~vhulk1907.1.0.h529.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-05-08T09:48:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-11-14T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-4184-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15098", "CVE-2019-17666", "CVE-2019-17055", "CVE-2019-0155", "CVE-2019-17054", "CVE-2018-12207", "CVE-2019-11135", "CVE-2019-15792", "CVE-2019-15793", "CVE-2019-0154", "CVE-2019-17052", "CVE-2019-15791", "CVE-2019-17053", "CVE-2019-17056"], "modified": "2020-05-05T00:00:00", "id": "OPENVAS:1361412562310844235", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844235", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844235\");\n script_version(\"2020-05-05T07:00:07+0000\");\n script_cve_id(\"CVE-2019-0155\", \"CVE-2019-11135\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-15098\", \"CVE-2019-15791\", \"CVE-2019-15792\", \"CVE-2019-15793\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-05-05 07:00:07 +0000 (Tue, 05 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-11-14 03:01:29 +0000 (Thu, 14 Nov 2019)\");\n script_name(\"Ubuntu Update for linux USN-4184-2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU19\\.04)\");\n\n script_xref(name:\"USN\", value:\"4184-2\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-November/005205.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-4184-2 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"USN-4184-1 fixed vulnerabilities in the Linux kernel. It was discovered\nthat the kernel fix for CVE-2019-0155 (i915 missing Blitter Command\nStreamer check) was incomplete on 64-bit Intel x86 systems. Also, the\nupdate introduced a regression that broke KVM guests where extended\npage tables (EPT) are disabled or not supported. This update addresses\nboth issues.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nStephan van Schaik, Alyssa Milburn, Sebastian \u00d6sterlund, Pietro Frigo,\nKaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz\nLipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel\nprocessors using Transactional Synchronization Extensions (TSX) could\nexpose memory contents previously stored in microarchitectural buffers to a\nmalicious process that is executing on the same CPU core. A local attacker\ncould use this to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed userspace\nto modify page table entries via writes to MMIO from the Blitter Command\nStreamer and expose kernel memory information. A local attacker could use\nthis to expose sensitive information or possibly elevate privileges.\n(CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux kernel\ndid not properly perform invalidation on page table updates by virtual\nguest operating systems. A local attacker in a guest VM could use this to\ncause a denial of service (host system crash). (CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a\nsystem hang when userspace performed a read from GT memory mapped input\noutput (MMIO) when the product is in certain low power states. A local\nattacker could use this to cause a denial of service. (CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the\nLinux kernel did not properly validate endpoint descriptors returned by the\ndevice. A physically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-15098)\n\nJann Horn discovered a reference count underflow in the shiftfs\nimplementation in the Linux kernel. A local attacker could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2019-15791)\n\nJann Horn discovered a type confusion vulnerability in the shiftfs\nimplementation in the Linux kernel. A local attacker could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2019-15792)\n\nJann Horn discovered that the shiftfs implementation in the Linux kernel\ndid ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Ubuntu 19.04, Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-1028-oem-osp1\", ver:\"5.0.0-1028.32\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-36-generic\", ver:\"5.0.0-36.39~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-36-generic-lpae\", ver:\"5.0.0-36.39~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-36-lowlatency\", ver:\"5.0.0-36.39~18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-hwe-18.04\", ver:\"5.0.0.36.94\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-18.04\", ver:\"5.0.0.36.94\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-18.04\", ver:\"5.0.0.36.94\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-oem-osp1\", ver:\"5.0.0.1028.32\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual-hwe-18.04\", ver:\"5.0.0.36.94\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"Please\", ver:\"note that mitigating the TSX (CVE-2019-11135) and i915\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"firmware\", ver:\"updates respectively.\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.04\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-36-generic\", ver:\"5.0.0-36.39\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-36-generic-lpae\", ver:\"5.0.0-36.39\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-5.0.0-36-lowlatency\", ver:\"5.0.0-36.39\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"5.0.0.36.38\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"5.0.0.36.38\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"5.0.0.36.38\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"5.0.0.36.38\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-24T20:39:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-19T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-057d691fd4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14815", "CVE-2019-14816", "CVE-2018-12126", "CVE-2019-3900", "CVE-2019-15538", "CVE-2019-11478", "CVE-2019-15505", "CVE-2019-15504", "CVE-2019-12378", "CVE-2019-17055", "CVE-2019-12380", "CVE-2019-17054", "CVE-2019-12455", "CVE-2018-12127", "CVE-2019-13631", "CVE-2019-11884", "CVE-2019-10207", "CVE-2019-12381", "CVE-2019-16746", "CVE-2019-12379", "CVE-2019-12456", "CVE-2019-11477", "CVE-2019-12817", "CVE-2019-12614", "CVE-2019-17052", "CVE-2019-12454", "CVE-2019-12382", "CVE-2019-14821", "CVE-2019-3846", "CVE-2019-14814", "CVE-2019-10126", "CVE-2019-11479", "CVE-2019-11091", "CVE-2019-17053", "CVE-2018-12130", "CVE-2019-17056"], "modified": "2019-10-24T00:00:00", "id": "OPENVAS:1361412562310876925", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876925", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876925\");\n script_version(\"2019-10-24T06:55:50+0000\");\n script_cve_id(\"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-14821\", \"CVE-2019-15504\", \"CVE-2019-15505\", \"CVE-2019-15538\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-10207\", \"CVE-2019-13631\", \"CVE-2019-12817\", \"CVE-2019-11477\", \"CVE-2019-11479\", \"CVE-2019-11478\", \"CVE-2019-10126\", \"CVE-2019-12614\", \"CVE-2019-12456\", \"CVE-2019-12455\", \"CVE-2019-12454\", \"CVE-2019-12378\", \"CVE-2019-3846\", \"CVE-2019-12380\", \"CVE-2019-12381\", \"CVE-2019-12382\", \"CVE-2019-12379\", \"CVE-2018-12126\", \"CVE-2018-12127\", \"CVE-2018-12130\", \"CVE-2019-11091\", \"CVE-2019-11884\", \"CVE-2019-3900\", \"CVE-2019-16746\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-24 06:55:50 +0000 (Thu, 24 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-19 02:34:51 +0000 (Sat, 19 Oct 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-057d691fd4\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-057d691fd4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36DYF7IFYJ54ACYU7WV4ZGCJ577DSPQL\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-057d691fd4 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.3.6~200.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:38:02", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2201)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15219", "CVE-2019-14815", "CVE-2019-15098", "CVE-2019-15218", "CVE-2019-14816", "CVE-2019-15538", "CVE-2019-16233", "CVE-2019-15807", "CVE-2019-15505", "CVE-2018-10853", "CVE-2019-17055", "CVE-2019-15118", "CVE-2019-17054", "CVE-2019-15921", "CVE-2019-15099", "CVE-2019-10207", "CVE-2019-15220", "CVE-2019-15924", "CVE-2019-15927", "CVE-2019-10140", "CVE-2019-14835", "CVE-2018-7492", "CVE-2019-15221", "CVE-2019-10638", "CVE-2019-15239", "CVE-2019-12818", "CVE-2019-10142", "CVE-2019-15292", "CVE-2019-17052", "CVE-2018-20976", "CVE-2019-14821", "CVE-2019-15926", "CVE-2019-14814", "CVE-2019-17053", "CVE-2018-1128", "CVE-2019-1125", "CVE-2019-16413", "CVE-2019-17056"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192201", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192201", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2201\");\n script_version(\"2020-01-23T12:38:00+0000\");\n script_cve_id(\"CVE-2018-10853\", \"CVE-2018-1128\", \"CVE-2018-20976\", \"CVE-2018-7492\", \"CVE-2019-10140\", \"CVE-2019-10142\", \"CVE-2019-10207\", \"CVE-2019-10638\", \"CVE-2019-1125\", \"CVE-2019-12818\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-14821\", \"CVE-2019-14835\", \"CVE-2019-15098\", \"CVE-2019-15099\", \"CVE-2019-15118\", \"CVE-2019-15218\", \"CVE-2019-15219\", \"CVE-2019-15220\", \"CVE-2019-15221\", \"CVE-2019-15239\", \"CVE-2019-15292\", \"CVE-2019-15505\", \"CVE-2019-15538\", \"CVE-2019-15807\", \"CVE-2019-15921\", \"CVE-2019-15924\", \"CVE-2019-15926\", \"CVE-2019-15927\", \"CVE-2019-16233\", \"CVE-2019-16413\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:38:00 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:38:00 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2201)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2201\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2201\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-2201 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers\net/wireless/ath/ath6kl/wmi.c.(CVE-2019-15926)\n\nAn issue was discovered in the Linux kernel before 5.0.6. There is a memory leak issue when idr_alloc() fails in genl_register_family() in net\netlink/genetlink.c.(CVE-2019-15921)\n\nAn issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.(CVE-2019-15927)\n\nAn issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.(CVE-2019-15292)\n\nAn issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.(CVE-2018-20976)\n\nIn the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.(CVE-2019-15807)\n\nA vulnerability was found in Linux kernel's, versions up to 3.10, implementation of overlayfs. An attacker with local access can create a denial of service situation via NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c. This can allow attackers with ability to create directories on overlayfs to crash the kernel creating a denial of service (DOS).(CVE-2019-10140)\n\nIn the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting. Specifically, by adding to a write queue between disconnection and re-connection, a local attacker can trigger multiple use-after-free conditions. This can result in a kernel crash, or potentially in privilege escalation.(CVE-2019-15239)\n\ncheck_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.(CVE-2019-15118)\n\ndrivers et/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.(CVE-2019-15099)\n\ndrivers et/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.(CVE-2019-15098)\n\nA flaw was found in the Linux kernels Bluetooth implement ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~862.14.1.2.h291.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~862.14.1.2.h291.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~862.14.1.2.h291.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~862.14.1.2.h291.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~862.14.1.2.h291.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~862.14.1.2.h291.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~862.14.1.2.h291.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-14T16:51:47", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-03-13T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1197)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14815", "CVE-2019-15098", "CVE-2019-14816", "CVE-2019-15090", "CVE-2019-15217", "CVE-2019-0136", "CVE-2019-17666", "CVE-2019-16233", "CVE-2019-18809", "CVE-2019-15216", "CVE-2019-15504", "CVE-2019-15918", "CVE-2019-17055", "CVE-2019-15030", "CVE-2019-17054", "CVE-2019-18806", "CVE-2019-18813", "CVE-2019-15215", "CVE-2019-15099", "CVE-2019-15924", "CVE-2019-17075", "CVE-2019-16746", "CVE-2019-14835", "CVE-2019-15213", "CVE-2019-15212", "CVE-2019-18808", "CVE-2019-15922", "CVE-2019-19066", "CVE-2019-18885", "CVE-2019-15031", "CVE-2019-17052", "CVE-2019-16714", "CVE-2019-16089", "CVE-2019-15926", "CVE-2019-14814", "CVE-2019-15923", "CVE-2019-17053", "CVE-2019-16234", "CVE-2019-17133", "CVE-2019-17056"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562311220201197", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201197", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1197\");\n script_version(\"2020-03-13T07:12:58+0000\");\n script_cve_id(\"CVE-2019-0136\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-14835\", \"CVE-2019-15030\", \"CVE-2019-15031\", \"CVE-2019-15090\", \"CVE-2019-15098\", \"CVE-2019-15099\", \"CVE-2019-15212\", \"CVE-2019-15213\", \"CVE-2019-15215\", \"CVE-2019-15216\", \"CVE-2019-15217\", \"CVE-2019-15504\", \"CVE-2019-15918\", \"CVE-2019-15922\", \"CVE-2019-15923\", \"CVE-2019-15924\", \"CVE-2019-15926\", \"CVE-2019-16089\", \"CVE-2019-16233\", \"CVE-2019-16234\", \"CVE-2019-16714\", \"CVE-2019-16746\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17075\", \"CVE-2019-17133\", \"CVE-2019-17666\", \"CVE-2019-18806\", \"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18813\", \"CVE-2019-18885\", \"CVE-2019-19066\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 07:12:58 +0000 (Fri, 13 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-13 07:12:58 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1197)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1197\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1197\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2020-1197 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.\n\nSecurity Fix(es):An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.(CVE-2019-15213)\n\nAn issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.(CVE-2019-15215)\n\nAn issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.(CVE-2019-15217)\n\nAn issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.(CVE-2019-15212)\n\nAn issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.(CVE-2019-15216)\n\nAn issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux kernel before 5.1.12. In the qedi_dbg_* family of functions, there is an out-of-bounds read.(CVE-2019-15090)\n\nAn issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a cd data structure if alloc_disk fails in drivers/block/paride/pf.c.(CVE-2019-15923)\n\nAn issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.(CVE-2019-15918)\n\nAn issue was discovered in the Linux kernel before 5.0.9. There is a NULL pointer dereference for a pf data structure if alloc_disk fails in drivers/block/paride/pf.c.(CVE-2019-15922)\n\nAn issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file drivers/net/wireless/ath/ath6kl/wmi.c.(CVE-2019-15926)\n\nAn issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.(CVE-2019-15924)\n\nA buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during m ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.36~vhulk1907.1.0.h529\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.36~vhulk1907.1.0.h529\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.36~vhulk1907.1.0.h529\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.36~vhulk1907.1.0.h529\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.36~vhulk1907.1.0.h529\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.36~vhulk1907.1.0.h529\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.36~vhulk1907.1.0.h529\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.36~vhulk1907.1.0.h529\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-06-11T15:55:34", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-19T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for linux (DLA-2068-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19527", "CVE-2019-15098", "CVE-2019-19533", "CVE-2019-15217", "CVE-2019-19051", "CVE-2019-17666", "CVE-2019-19767", "CVE-2019-19534", "CVE-2019-19057", "CVE-2019-15505", "CVE-2019-19332", "CVE-2019-19052", "CVE-2019-14901", "CVE-2019-19524", "CVE-2019-17055", "CVE-2019-14896", "CVE-2019-19062", "CVE-2019-19922", "CVE-2019-17054", "CVE-2019-19523", "CVE-2019-19965", "CVE-2019-19227", "CVE-2019-16746", "CVE-2019-19531", "CVE-2019-10220", "CVE-2019-19947", "CVE-2019-14895", "CVE-2019-14897", "CVE-2019-19066", "CVE-2019-17052", "CVE-2019-2215", "CVE-2019-19530", "CVE-2019-19532", "CVE-2019-19537", "CVE-2019-19966", "CVE-2019-19056", "CVE-2019-15291", "CVE-2019-19536", "CVE-2019-17053", "CVE-2019-17133", "CVE-2019-17056"], "modified": "2020-06-09T00:00:00", "id": "OPENVAS:1361412562310892068", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892068", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892068\");\n script_version(\"2020-06-09T14:44:58+0000\");\n script_cve_id(\"CVE-2019-10220\", \"CVE-2019-14895\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-14901\", \"CVE-2019-15098\", \"CVE-2019-15217\", \"CVE-2019-15291\", \"CVE-2019-15505\", \"CVE-2019-16746\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17133\", \"CVE-2019-17666\", \"CVE-2019-19051\", \"CVE-2019-19052\", \"CVE-2019-19056\", \"CVE-2019-19057\", \"CVE-2019-19062\", \"CVE-2019-19066\", \"CVE-2019-19227\", \"CVE-2019-19332\", \"CVE-2019-19523\", \"CVE-2019-19524\", \"CVE-2019-19527\", \"CVE-2019-19530\", \"CVE-2019-19531\", \"CVE-2019-19532\", \"CVE-2019-19533\", \"CVE-2019-19534\", \"CVE-2019-19536\", \"CVE-2019-19537\", \"CVE-2019-19767\", \"CVE-2019-19922\", \"CVE-2019-19947\", \"CVE-2019-19965\", \"CVE-2019-19966\", \"CVE-2019-2215\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-09 14:44:58 +0000 (Tue, 09 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-19 04:00:44 +0000 (Sun, 19 Jan 2020)\");\n script_name(\"Debian LTS: Security Advisory for linux (DLA-2068-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2068-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the DLA-2068-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service, or information\nleak.\n\nCVE-2019-2215\n\nThe syzkaller tool discovered a use-after-free vulnerability in\nthe Android binder driver. A local user on a system with this\ndriver enabled could use this to cause a denial of service (memory\ncorruption or crash) or possibly for privilege escalation.\nHowever, this driver is not enabled on Debian packaged kernels.\n\nCVE-2019-10220\n\nVarious developers and researchers found that if a crafted file-\nsystem or malicious file server presented a directory with\nfilenames including a '/' character, this could confuse and\npossibly defeat security checks in applications that read the\ndirectory.\n\nThe kernel will now return an error when reading such a directory,\nrather than passing the invalid filenames on to user-space.\n\nCVE-2019-14895, CVE-2019-14901\n\nADLab of Venustech discovered potential heap buffer overflows in\nthe mwifiex wifi driver. On systems using this driver, a\nmalicious Wireless Access Point or adhoc/P2P peer could use these\nto cause a denial of service (memory corruption or crash) or\npossibly for remote code execution.\n\nCVE-2019-14896, CVE-2019-14897\n\nADLab of Venustech discovered potential heap and stack buffer\noverflows in the libertas wifi driver. On systems using this\ndriver, a malicious Wireless Access Point or adhoc/P2P peer could\nuse these to cause a denial of service (memory corruption or\ncrash) or possibly for remote code execution.\n\nCVE-2019-15098\n\nHui Peng and Mathias Payer reported that the ath6kl wifi driver\ndid not properly validate USB descriptors, which could lead to a\nnull pointer dereference. An attacker able to add USB devices\ncould use this to cause a denial of service (BUG/oops).\n\nCVE-2019-15217\n\nThe syzkaller tool discovered that the zr364xx mdia driver did not\ncorrectly handle devices without a product name string, which\ncould lead to a null pointer dereference. An attacker able to add\nUSB devices could use this to cause a denial of service\n(BUG/oops).\n\nCVE-2019-15291\n\nThe syzkaller tool discovered that the b2c2-flexcop-usb media\ndriver did not properly validate USB descriptors, which could lead\nto a null pointer dereference. An attacker able to add USB\ndevices could use this to cause a denial of service (BUG/oops).\n\nCVE-2019-15505\n\nThe syzkaller tool discovered that the technisat-usb2 media driver\ndid not properly validate incoming IR packets, which could lead to\na heap buffer over-read. An attacker able to add USB devices\ncould use this to cause a denial of service (BUG/oops) or to read\nsensitive information from kernel memory.\n\n ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n3.16.81-1.\n\nWe recommend that you upgrade your linux packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-arm\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.9-x86\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-doc-3.16\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-586\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-686-pae\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-all\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-all-amd64\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-all-armel\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-all-armhf\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-all-i386\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-amd64\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-armmp\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-armmp-lpae\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-common\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-ixp4xx\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-kirkwood\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-orion5x\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-10-versatile\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-586\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-686-pae\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-686-pae-dbg\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-amd64\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-amd64-dbg\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-armmp\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-armmp-lpae\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-ixp4xx\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-kirkwood\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-orion5x\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-10-versatile\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-manual-3.16\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-source-3.16\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-3.16.0-10\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.16.0-10-amd64\", ver:\"3.16.81-1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-19T14:54:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-11-14T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-1689d3fe07", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14815", "CVE-2019-14816", "CVE-2018-12126", "CVE-2019-3900", "CVE-2019-15538", "CVE-2019-17666", "CVE-2019-11478", "CVE-2019-15505", "CVE-2019-15504", "CVE-2019-12378", "CVE-2019-17055", "CVE-2019-0155", "CVE-2019-12380", "CVE-2019-17054", "CVE-2018-12207", "CVE-2019-12455", "CVE-2018-12127", "CVE-2019-11135", "CVE-2019-13631", "CVE-2019-11884", "CVE-2019-10207", "CVE-2019-12381", "CVE-2019-12379", "CVE-2019-12456", "CVE-2019-11477", "CVE-2019-12817", "CVE-2019-12614", "CVE-2019-0154", "CVE-2019-17052", "CVE-2019-12454", "CVE-2019-12382", "CVE-2019-14821", "CVE-2019-3846", "CVE-2019-14814", "CVE-2019-10126", "CVE-2019-11479", "CVE-2019-11091", "CVE-2019-17053", "CVE-2018-12130", "CVE-2019-17056"], "modified": "2019-12-18T00:00:00", "id": "OPENVAS:1361412562310876999", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876999", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876999\");\n script_version(\"2019-12-18T09:57:42+0000\");\n script_cve_id(\"CVE-2019-11135\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-17666\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-14821\", \"CVE-2019-15504\", \"CVE-2019-15505\", \"CVE-2019-15538\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-10207\", \"CVE-2019-13631\", \"CVE-2019-12817\", \"CVE-2019-11477\", \"CVE-2019-11479\", \"CVE-2019-11478\", \"CVE-2019-10126\", \"CVE-2019-12614\", \"CVE-2019-12456\", \"CVE-2019-12455\", \"CVE-2019-12454\", \"CVE-2019-12378\", \"CVE-2019-3846\", \"CVE-2019-12380\", \"CVE-2019-12381\", \"CVE-2019-12382\", \"CVE-2019-12379\", \"CVE-2018-12126\", \"CVE-2018-12127\", \"CVE-2018-12130\", \"CVE-2019-11091\", \"CVE-2019-11884\", \"CVE-2019-3900\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-18 09:57:42 +0000 (Wed, 18 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-11-14 03:30:27 +0000 (Thu, 14 Nov 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-1689d3fe07\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1689d3fe07\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WF7OJEJPL3WGY3AVYD65OKIG4X6ELHN\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-1689d3fe07 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.3.11~200.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:40:21", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1042)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19079", "CVE-2019-18814", "CVE-2019-19054", "CVE-2019-19045", "CVE-2019-0136", "CVE-2019-19051", "CVE-2019-17666", "CVE-2019-16233", "CVE-2019-18683", "CVE-2019-18809", "CVE-2019-19057", "CVE-2019-19075", "CVE-2019-19052", "CVE-2019-15504", "CVE-2019-17055", "CVE-2019-19058", "CVE-2019-17054", "CVE-2019-18806", "CVE-2019-18813", "CVE-2019-19065", "CVE-2019-19082", "CVE-2019-19059", "CVE-2019-19078", "CVE-2019-17075", "CVE-2019-16746", "CVE-2019-19063", "CVE-2019-18808", "CVE-2019-19066", "CVE-2019-19083", "CVE-2019-19067", "CVE-2019-19068", "CVE-2019-19071", "CVE-2019-19081", "CVE-2019-17052", "CVE-2019-19073", "CVE-2019-19077", "CVE-2019-19070", "CVE-2019-19080", "CVE-2019-16714", "CVE-2019-18786", "CVE-2019-19074", "CVE-2019-16089", "CVE-2019-19056", "CVE-2019-19072", "CVE-2019-17053", "CVE-2019-16234", "CVE-2019-17133", "CVE-2019-19049", "CVE-2019-17056"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220201042", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201042", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1042\");\n script_version(\"2020-01-23T13:17:18+0000\");\n script_cve_id(\"CVE-2019-0136\", \"CVE-2019-15504\", \"CVE-2019-16089\", \"CVE-2019-16233\", \"CVE-2019-16234\", \"CVE-2019-16714\", \"CVE-2019-16746\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17075\", \"CVE-2019-17133\", \"CVE-2019-17666\", \"CVE-2019-18683\", \"CVE-2019-18786\", \"CVE-2019-18806\", \"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18813\", \"CVE-2019-18814\", \"CVE-2019-19045\", \"CVE-2019-19049\", \"CVE-2019-19051\", \"CVE-2019-19052\", \"CVE-2019-19054\", \"CVE-2019-19056\", \"CVE-2019-19057\", \"CVE-2019-19058\", \"CVE-2019-19059\", \"CVE-2019-19063\", \"CVE-2019-19065\", \"CVE-2019-19066\", \"CVE-2019-19067\", \"CVE-2019-19068\", \"CVE-2019-19070\", \"CVE-2019-19071\", \"CVE-2019-19072\", \"CVE-2019-19073\", \"CVE-2019-19074\", \"CVE-2019-19075\", \"CVE-2019-19077\", \"CVE-2019-19078\", \"CVE-2019-19079\", \"CVE-2019-19080\", \"CVE-2019-19081\", \"CVE-2019-19082\", \"CVE-2019-19083\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:17:18 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:17:18 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-1042)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.5\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1042\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1042\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2020-1042 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir).CVE-2019-15504\n\nIn the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized.CVE-2019-16714\n\ndrivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.CVE-2019-16233\n\nAn issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.CVE-2019-16089\n\nllcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.CVE-2019-17056\n\nbase_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.CVE-2019-17055\n\natalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.CVE-2019-17054\n\nieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.CVE-2019-17053\n\nax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.CVE-2019-17052\n\nAn issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. The cxgb4 driver is directly calling dma_map_single (a DMA function) from a stack variable. This could allow an attacker to trigger a Denial of Service, exploitable if this driver is used on an architecture for which this stack/DMA interaction has security relevance.CVE-2019-17075\n\nrtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.CVE-2019-17666\n\nIn the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Ove ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.5.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.5.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.36~vhulk1907.1.0.h619.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.36~vhulk1907.1.0.h619.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.36~vhulk1907.1.0.h619.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.36~vhulk1907.1.0.h619.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.36~vhulk1907.1.0.h619.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.36~vhulk1907.1.0.h619.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.36~vhulk1907.1.0.h619.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.36~vhulk1907.1.0.h619.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-perf\", rpm:\"python3-perf~4.19.36~vhulk1907.1.0.h619.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-11-06T12:10:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-26T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-41e28660ae", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14815", "CVE-2019-7222", "CVE-2019-14816", "CVE-2018-12126", "CVE-2019-3900", "CVE-2019-15538", "CVE-2019-3460", "CVE-2018-19824", "CVE-2019-11478", "CVE-2019-15505", "CVE-2019-15504", "CVE-2019-8980", "CVE-2019-12378", "CVE-2019-17055", "CVE-2019-9857", "CVE-2019-12380", "CVE-2019-17054", "CVE-2019-8912", "CVE-2019-12455", "CVE-2018-12127", "CVE-2019-13631", "CVE-2018-16862", "CVE-2019-11884", "CVE-2019-12381", "CVE-2019-9500", "CVE-2019-12379", "CVE-2019-11833", "CVE-2019-9503", "CVE-2019-12456", "CVE-2019-11477", "CVE-2019-12817", "CVE-2019-7221", "CVE-2019-12614", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-3459", "CVE-2019-17052", "CVE-2018-19407", "CVE-2019-12454", "CVE-2019-12382", "CVE-2019-14821", "CVE-2018-16880", "CVE-2019-3846", "CVE-2019-14814", "CVE-2019-10126", "CVE-2019-11479", "CVE-2019-11091", "CVE-2019-3882", "CVE-2019-17053", "CVE-2018-12130", "CVE-2019-17056"], "modified": "2019-10-30T00:00:00", "id": "OPENVAS:1361412562310876943", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876943", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876943\");\n script_version(\"2019-10-30T10:03:24+0000\");\n script_cve_id(\"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-14821\", \"CVE-2019-15504\", \"CVE-2019-15505\", \"CVE-2019-15538\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-13631\", \"CVE-2019-12817\", \"CVE-2019-11477\", \"CVE-2019-11479\", \"CVE-2019-11478\", \"CVE-2019-10126\", \"CVE-2019-12614\", \"CVE-2019-12456\", \"CVE-2019-12455\", \"CVE-2019-12454\", \"CVE-2019-12378\", \"CVE-2019-3846\", \"CVE-2019-12380\", \"CVE-2019-12381\", \"CVE-2019-12382\", \"CVE-2019-12379\", \"CVE-2019-11833\", \"CVE-2018-12126\", \"CVE-2018-12127\", \"CVE-2018-12130\", \"CVE-2019-11091\", \"CVE-2019-11884\", \"CVE-2019-3900\", \"CVE-2019-9503\", \"CVE-2019-9500\", \"CVE-2019-3882\", \"CVE-2019-9857\", \"CVE-2019-8980\", \"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-30 10:03:24 +0000 (Wed, 30 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-26 02:27:48 +0000 (Sat, 26 Oct 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-41e28660ae\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-41e28660ae\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7OQRYOJ367BYNOXYMBEMNEJQCGGW2EC7\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-41e28660ae advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.3.6~100.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-19T14:50:38", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-11-30T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-021c968423", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14815", "CVE-2019-19054", "CVE-2019-14816", "CVE-2018-12126", "CVE-2019-3900", "CVE-2019-15538", "CVE-2019-17666", "CVE-2019-19057", "CVE-2019-11478", "CVE-2019-15505", "CVE-2019-15504", "CVE-2019-12378", "CVE-2019-17055", "CVE-2019-19058", "CVE-2019-0155", "CVE-2019-19062", "CVE-2019-12380", "CVE-2019-19053", "CVE-2019-17054", "CVE-2019-19064", "CVE-2018-12207", "CVE-2019-19059", "CVE-2019-12455", "CVE-2018-12127", "CVE-2019-11135", "CVE-2019-13631", "CVE-2019-11884", "CVE-2019-10207", "CVE-2019-19055", "CVE-2019-19043", "CVE-2019-12381", "CVE-2019-12379", "CVE-2019-12456", "CVE-2019-11477", "CVE-2019-19063", "CVE-2019-12817", "CVE-2019-19066", "CVE-2019-12614", "CVE-2019-19068", "CVE-2019-19050", "CVE-2019-19071", "CVE-2019-0154", "CVE-2019-17052", "CVE-2019-19073", "CVE-2019-19070", "CVE-2019-19046", "CVE-2019-12454", "CVE-2019-12382", "CVE-2019-14821", "CVE-2019-3846", "CVE-2019-19074", "CVE-2019-14814", "CVE-2019-19056", "CVE-2019-10126", "CVE-2019-11479", "CVE-2019-11091", "CVE-2019-19072", "CVE-2019-17053", "CVE-2018-12130", "CVE-2019-17056"], "modified": "2019-12-18T00:00:00", "id": "OPENVAS:1361412562310877052", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877052", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877052\");\n script_version(\"2019-12-18T09:57:42+0000\");\n script_cve_id(\"CVE-2019-19074\", \"CVE-2019-19073\", \"CVE-2019-19072\", \"CVE-2019-19071\", \"CVE-2019-19070\", \"CVE-2019-19068\", \"CVE-2019-19043\", \"CVE-2019-19066\", \"CVE-2019-19046\", \"CVE-2019-19050\", \"CVE-2019-19062\", \"CVE-2019-19064\", \"CVE-2019-19063\", \"CVE-2019-19059\", \"CVE-2019-19058\", \"CVE-2019-19057\", \"CVE-2019-19053\", \"CVE-2019-19056\", \"CVE-2019-19055\", \"CVE-2019-19054\", \"CVE-2019-11135\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-17666\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-14821\", \"CVE-2019-15504\", \"CVE-2019-15505\", \"CVE-2019-15538\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-10207\", \"CVE-2019-13631\", \"CVE-2019-12817\", \"CVE-2019-11477\", \"CVE-2019-11479\", \"CVE-2019-11478\", \"CVE-2019-10126\", \"CVE-2019-12614\", \"CVE-2019-12456\", \"CVE-2019-12455\", \"CVE-2019-12454\", \"CVE-2019-12378\", \"CVE-2019-3846\", \"CVE-2019-12380\", \"CVE-2019-12381\", \"CVE-2019-12382\", \"CVE-2019-12379\", \"CVE-2018-12126\", \"CVE-2018-12127\", \"CVE-2018-12130\", \"CVE-2019-11091\", \"CVE-2019-11884\", \"CVE-2019-3900\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-18 09:57:42 +0000 (Wed, 18 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-11-30 03:39:03 +0000 (Sat, 30 Nov 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-021c968423\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-021c968423\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3PSDE6PTOTVBK2YTKB2TFQP2SUBVSNF\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-021c968423 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.3.12~200.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-04T16:55:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-03-03T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for linux-4.9 (DLA-2114-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19527", "CVE-2019-14815", "CVE-2019-15098", "CVE-2019-19525", "CVE-2019-14816", "CVE-2019-19533", "CVE-2019-15217", "CVE-2019-0136", "CVE-2019-19051", "CVE-2019-17666", "CVE-2019-19767", "CVE-2019-18282", "CVE-2019-18683", "CVE-2019-19534", "CVE-2019-18809", "CVE-2019-19057", "CVE-2019-15505", "CVE-2019-19332", "CVE-2019-19052", "CVE-2019-14901", "CVE-2019-19524", "CVE-2019-17055", "CVE-2019-14896", "CVE-2019-19062", "CVE-2018-13093", "CVE-2019-17054", "CVE-2019-19523", "CVE-2019-19965", "CVE-2019-14615", "CVE-2019-19227", "CVE-2019-17075", "CVE-2019-16746", "CVE-2019-19535", "CVE-2019-19531", "CVE-2019-10220", "CVE-2019-19947", "CVE-2019-14895", "CVE-2019-14897", "CVE-2019-19066", "CVE-2018-21008", "CVE-2019-19068", "CVE-2019-19037", "CVE-2019-19447", "CVE-2019-17052", "CVE-2019-2215", "CVE-2018-20976", "CVE-2019-19530", "CVE-2019-19532", "CVE-2019-19537", "CVE-2019-14814", "CVE-2019-19056", "CVE-2019-15291", "CVE-2019-19536", "CVE-2019-17053", "CVE-2019-17133", "CVE-2018-13094", "CVE-2019-15917", "CVE-2019-17056", "CVE-2019-20096"], "modified": "2020-03-03T00:00:00", "id": "OPENVAS:1361412562310892114", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892114", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892114\");\n script_version(\"2020-03-03T04:00:55+0000\");\n script_cve_id(\"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-20976\", \"CVE-2018-21008\", \"CVE-2019-0136\", \"CVE-2019-10220\", \"CVE-2019-14615\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-14895\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-14901\", \"CVE-2019-15098\", \"CVE-2019-15217\", \"CVE-2019-15291\", \"CVE-2019-15505\", \"CVE-2019-15917\", \"CVE-2019-16746\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17075\", \"CVE-2019-17133\", \"CVE-2019-17666\", \"CVE-2019-18282\", \"CVE-2019-18683\", \"CVE-2019-18809\", \"CVE-2019-19037\", \"CVE-2019-19051\", \"CVE-2019-19052\", \"CVE-2019-19056\", \"CVE-2019-19057\", \"CVE-2019-19062\", \"CVE-2019-19066\", \"CVE-2019-19068\", \"CVE-2019-19227\", \"CVE-2019-19332\", \"CVE-2019-19447\", \"CVE-2019-19523\", \"CVE-2019-19524\", \"CVE-2019-19525\", \"CVE-2019-19527\", \"CVE-2019-19530\", \"CVE-2019-19531\", \"CVE-2019-19532\", \"CVE-2019-19533\", \"CVE-2019-19534\", \"CVE-2019-19535\", \"CVE-2019-19536\", \"CVE-2019-19537\", \"CVE-2019-19767\", \"CVE-2019-19947\", \"CVE-2019-19965\", \"CVE-2019-20096\", \"CVE-2019-2215\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-03 04:00:55 +0000 (Tue, 03 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-03 04:00:55 +0000 (Tue, 03 Mar 2020)\");\n script_name(\"Debian LTS: Security Advisory for linux-4.9 (DLA-2114-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2114-1\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/869511\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/945023\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-4.9'\n package(s) announced via the DLA-2114-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2018-13093, CVE-2018-13094\n\nWen Xu from SSLab at Gatech reported several NULL pointer\ndereference flaws that may be triggered when mounting and\noperating a crafted XFS volume. An attacker able to mount\narbitrary XFS volumes could use this to cause a denial of service\n(crash).\n\nCVE-2018-20976\n\nIt was discovered that the XFS file-system implementation did not\ncorrectly handle some mount failure conditions, which could lead\nto a use-after-free. The security impact of this is unclear.\n\nCVE-2018-21008\n\nIt was discovered that the rsi wifi driver did not correctly\nhandle some failure conditions, which could lead to a use-after-\nfree. The security impact of this is unclear.\n\nCVE-2019-0136\n\nIt was discovered that the wifi soft-MAC implementation (mac80211)\ndid not properly authenticate Tunneled Direct Link Setup (TDLS)\nmessages. A nearby attacker could use this for denial of service\n(loss of wifi connectivity).\n\nCVE-2019-2215\n\nThe syzkaller tool discovered a use-after-free vulnerability in\nthe Android binder driver. A local user on a system with this\ndriver enabled could use this to cause a denial of service (memory\ncorruption or crash) or possibly for privilege escalation.\nHowever, this driver is not enabled on Debian packaged kernels.\n\nCVE-2019-10220\n\nVarious developers and researchers found that if a crafted file-\nsystem or malicious file server presented a directory with\nfilenames including a '/' character, this could confuse and\npossibly defeat security checks in applications that read the\ndirectory.\n\nThe kernel will now return an error when reading such a directory,\nrather than passing the invalid filenames on to user-space.\n\nCVE-2019-14615\n\nIt was discovered that Intel 9th and 10th generation GPUs did not\nclear user-visible state during a context switch, which resulted\nin information leaks between GPU tasks. This has been mitigated\nin the i915 driver.\n\nThe affected chips (gen9 and gen10) are listed at\n<\n\nCVE-2019-14814, CVE-2019-14815, CVE-2019-14816\n\nMultiple bugs were discovered in the mwifiex wifi driver, which\ncould lead to heap buffer overflows. A local user permitted to\nconfigure a device handled by this driver could probably use this\nfor privilege escalation.\n\nCVE-2019-14895, CVE-2019-14901\n\nADLab of Venustech discovered potential heap buffer overflows in\nthe mwifiex wifi driver. On systems using this driver, a\nmalicious Wireless Access Point or adhoc/P2P peer could use these\nto cause a denial of service (memory corruption or crash) or\npossibly for remote code ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux-4.9' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n4.9.210-1~deb8u1. This update additionally fixes Debian bugs\n#869511 and 945023, and includes many more bug fixes from stable\nupdates 4.9.190-4.9.210 inclusive.\n\nWe recommend that you upgrade your linux-4.9 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.9-arm\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-doc-4.9\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-686\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-686-pae\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-all\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-all-amd64\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-all-armel\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-all-armhf\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-all-i386\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-amd64\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-armmp\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-armmp-lpae\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-common\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-common-rt\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-marvell\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-rt-686-pae\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.11-rt-amd64\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-686\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-686-pae\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-all\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-all-amd64\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-all-armel\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-all-armhf\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-all-i386\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-amd64\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-armmp\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-armmp-lpae\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-common\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-common-rt\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-marvell\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-rt-686-pae\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.12-rt-amd64\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-686\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-686-pae\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-686-pae-dbg\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-amd64\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-amd64-dbg\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-armmp\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-armmp-lpae\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-marvell\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-rt-686-pae\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-rt-686-pae-dbg\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-rt-amd64\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.11-rt-amd64-dbg\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-686\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-686-pae\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-686-pae-dbg\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-amd64\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-amd64-dbg\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-armmp\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-armmp-lpae\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-marvell\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-rt-686-pae\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-rt-686-pae-dbg\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-rt-amd64\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.12-rt-amd64-dbg\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-kbuild-4.9\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-manual-4.9\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-perf-4.9\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-source-4.9\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.9.0-0.bpo.11\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.9.0-0.bpo.12\", ver:\"4.9.210-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-03T17:12:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-11-14T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-7a3fc17778", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14815", "CVE-2019-7222", "CVE-2019-14816", "CVE-2018-12126", "CVE-2019-3900", "CVE-2019-0117", "CVE-2019-15538", "CVE-2019-3460", "CVE-2019-17666", "CVE-2018-19824", "CVE-2019-11478", "CVE-2019-15505", "CVE-2019-15504", "CVE-2019-8980", "CVE-2019-12378", "CVE-2019-17055", "CVE-2019-0155", "CVE-2019-9857", "CVE-2019-12380", "CVE-2019-17054", "CVE-2018-12207", "CVE-2019-8912", "CVE-2019-12455", "CVE-2018-12127", "CVE-2019-11135", "CVE-2019-13631", "CVE-2018-16862", "CVE-2019-11884", "CVE-2019-12381", "CVE-2019-9500", "CVE-2019-12379", "CVE-2019-11833", "CVE-2019-9503", "CVE-2019-12456", "CVE-2019-11477", "CVE-2019-12817", "CVE-2019-7221", "CVE-2019-12614", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-0154", "CVE-2019-3459", "CVE-2019-17052", "CVE-2018-19407", "CVE-2019-12454", "CVE-2019-12382", "CVE-2019-14821", "CVE-2018-16880", "CVE-2019-3846", "CVE-2019-14814", "CVE-2019-10126", "CVE-2019-11479", "CVE-2019-11091", "CVE-2019-3882", "CVE-2019-17053", "CVE-2018-12130", "CVE-2019-17056"], "modified": "2020-02-03T00:00:00", "id": "OPENVAS:1361412562310876995", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876995", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876995\");\n script_version(\"2020-02-03T08:05:42+0000\");\n script_cve_id(\"CVE-2019-11135\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-17666\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-14821\", \"CVE-2019-15504\", \"CVE-2019-15505\", \"CVE-2019-15538\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-13631\", \"CVE-2019-12817\", \"CVE-2019-11477\", \"CVE-2019-11479\", \"CVE-2019-11478\", \"CVE-2019-10126\", \"CVE-2019-12614\", \"CVE-2019-12456\", \"CVE-2019-12455\", \"CVE-2019-12454\", \"CVE-2019-12378\", \"CVE-2019-3846\", \"CVE-2019-12380\", \"CVE-2019-12381\", \"CVE-2019-12382\", \"CVE-2019-12379\", \"CVE-2019-11833\", \"CVE-2018-12126\", \"CVE-2018-12127\", \"CVE-2018-12130\", \"CVE-2019-11091\", \"CVE-2019-11884\", \"CVE-2019-3900\", \"CVE-2019-9503\", \"CVE-2019-9500\", \"CVE-2019-3882\", \"CVE-2019-9857\", \"CVE-2019-8980\", \"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2019-0117\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-03 08:05:42 +0000 (Mon, 03 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-11-14 03:29:25 +0000 (Thu, 14 Nov 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-7a3fc17778\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-7a3fc17778\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FTRJEQBHRQDOXJQRWADYWVUPJL4B4CG7\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-7a3fc17778 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.3.11~100.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-19T14:56:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-12-04T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-8846a1a5a2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14815", "CVE-2019-19054", "CVE-2019-14816", "CVE-2018-12126", "CVE-2019-3900", "CVE-2019-15538", "CVE-2019-17666", "CVE-2019-19057", "CVE-2019-11478", "CVE-2019-15505", "CVE-2019-15504", "CVE-2019-14901", "CVE-2019-12378", "CVE-2019-17055", "CVE-2019-19058", "CVE-2019-0155", "CVE-2019-14896", "CVE-2019-19062", "CVE-2019-12380", "CVE-2019-19053", "CVE-2019-17054", "CVE-2019-19064", "CVE-2018-12207", "CVE-2019-19059", "CVE-2019-19078", "CVE-2019-12455", "CVE-2018-12127", "CVE-2019-11135", "CVE-2019-13631", "CVE-2019-11884", "CVE-2019-10207", "CVE-2019-19055", "CVE-2019-19043", "CVE-2019-12381", "CVE-2019-12379", "CVE-2019-12456", "CVE-2019-11477", "CVE-2019-19063", "CVE-2019-14895", "CVE-2019-14897", "CVE-2019-12817", "CVE-2019-19066", "CVE-2019-12614", "CVE-2019-19068", "CVE-2019-19050", "CVE-2019-19071", "CVE-2019-0154", "CVE-2019-17052", "CVE-2019-19073", "CVE-2019-19077", "CVE-2019-19070", "CVE-2019-19046", "CVE-2019-12454", "CVE-2019-12382", "CVE-2019-14821", "CVE-2019-3846", "CVE-2019-19074", "CVE-2019-14814", "CVE-2019-19056", "CVE-2019-10126", "CVE-2019-11479", "CVE-2019-11091", "CVE-2019-19072", "CVE-2019-17053", "CVE-2018-12130", "CVE-2019-17056"], "modified": "2019-12-18T00:00:00", "id": "OPENVAS:1361412562310877058", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877058", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877058\");\n script_version(\"2019-12-18T09:57:42+0000\");\n script_cve_id(\"CVE-2019-14895\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-14901\", \"CVE-2019-19078\", \"CVE-2019-19077\", \"CVE-2019-19074\", \"CVE-2019-19073\", \"CVE-2019-19072\", \"CVE-2019-19071\", \"CVE-2019-19070\", \"CVE-2019-19068\", \"CVE-2019-19043\", \"CVE-2019-19066\", \"CVE-2019-19046\", \"CVE-2019-19050\", \"CVE-2019-19062\", \"CVE-2019-19064\", \"CVE-2019-19063\", \"CVE-2019-19059\", \"CVE-2019-19058\", \"CVE-2019-19057\", \"CVE-2019-19053\", \"CVE-2019-19056\", \"CVE-2019-19055\", \"CVE-2019-19054\", \"CVE-2019-11135\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-17666\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-14821\", \"CVE-2019-15504\", \"CVE-2019-15505\", \"CVE-2019-15538\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-10207\", \"CVE-2019-13631\", \"CVE-2019-12817\", \"CVE-2019-11477\", \"CVE-2019-11479\", \"CVE-2019-11478\", \"CVE-2019-10126\", \"CVE-2019-12614\", \"CVE-2019-12456\", \"CVE-2019-12455\", \"CVE-2019-12454\", \"CVE-2019-12378\", \"CVE-2019-3846\", \"CVE-2019-12380\", \"CVE-2019-12381\", \"CVE-2019-12382\", \"CVE-2019-12379\", \"CVE-2018-12126\", \"CVE-2018-12127\", \"CVE-2018-12130\", \"CVE-2019-11091\", \"CVE-2019-11884\", \"CVE-2019-3900\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-18 09:57:42 +0000 (Wed, 18 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-12-04 03:29:29 +0000 (Wed, 04 Dec 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-8846a1a5a2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-8846a1a5a2\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4ISVNIC44SOGXTUBCIZFSUNQJ5LRKNZ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-8846a1a5a2 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.3.13~200.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:34:36", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2274)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15219", "CVE-2017-7472", "CVE-2019-14815", "CVE-2019-15098", "CVE-2018-3693", "CVE-2019-15218", "CVE-2017-5754", "CVE-2017-7261", "CVE-2019-14816", "CVE-2019-15217", "CVE-2019-14284", "CVE-2019-15807", "CVE-2019-15216", "CVE-2018-1066", "CVE-2019-15505", "CVE-2017-7518", "CVE-2019-12378", "CVE-2019-17055", "CVE-2019-15118", "CVE-2019-13648", "CVE-2019-17054", "CVE-2019-9506", "CVE-2018-10675", "CVE-2019-15215", "CVE-2019-13631", "CVE-2019-10207", "CVE-2019-15220", "CVE-2019-15927", "CVE-2019-10140", "CVE-2019-12381", "CVE-2019-9500", "CVE-2019-14835", "CVE-2019-15213", "CVE-2019-9503", "CVE-2019-15212", "CVE-2019-12456", "CVE-2018-9363", "CVE-2019-15221", "CVE-2019-15239", "CVE-2019-12818", "CVE-2019-10142", "CVE-2018-10323", "CVE-2019-15292", "CVE-2018-7995", "CVE-2019-17052", "CVE-2018-20976", "CVE-2019-15214", "CVE-2018-9518", "CVE-2019-12382", "CVE-2019-14821", "CVE-2019-3846", "CVE-2018-10124", "CVE-2019-2101", "CVE-2019-15916", "CVE-2019-15926", "CVE-2019-14814", "CVE-2018-6412", "CVE-2017-5897", "CVE-2019-3882", "CVE-2019-17053", "CVE-2019-1125", "CVE-2019-16413", "CVE-2018-13094", "CVE-2019-17056", "CVE-2019-14283"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192274", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192274", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2274\");\n script_version(\"2020-01-23T12:44:02+0000\");\n script_cve_id(\"CVE-2017-5754\", \"CVE-2017-5897\", \"CVE-2017-7261\", \"CVE-2017-7472\", \"CVE-2017-7518\", \"CVE-2018-10124\", \"CVE-2018-10323\", \"CVE-2018-1066\", \"CVE-2018-10675\", \"CVE-2018-13094\", \"CVE-2018-20976\", \"CVE-2018-3693\", \"CVE-2018-6412\", \"CVE-2018-7995\", \"CVE-2018-9363\", \"CVE-2018-9518\", \"CVE-2019-10140\", \"CVE-2019-10142\", \"CVE-2019-10207\", \"CVE-2019-1125\", \"CVE-2019-12378\", \"CVE-2019-12381\", \"CVE-2019-12382\", \"CVE-2019-12456\", \"CVE-2019-12818\", \"CVE-2019-13631\", \"CVE-2019-13648\", \"CVE-2019-14283\", \"CVE-2019-14284\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-14821\", \"CVE-2019-14835\", \"CVE-2019-15098\", \"CVE-2019-15118\", \"CVE-2019-15212\", \"CVE-2019-15213\", \"CVE-2019-15214\", \"CVE-2019-15215\", \"CVE-2019-15216\", \"CVE-2019-15217\", \"CVE-2019-15218\", \"CVE-2019-15219\", \"CVE-2019-15220\", \"CVE-2019-15221\", \"CVE-2019-15239\", \"CVE-2019-15292\", \"CVE-2019-15505\", \"CVE-2019-15807\", \"CVE-2019-15916\", \"CVE-2019-15926\", \"CVE-2019-15927\", \"CVE-2019-16413\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-2101\", \"CVE-2019-3846\", \"CVE-2019-3882\", \"CVE-2019-9500\", \"CVE-2019-9503\", \"CVE-2019-9506\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:44:02 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:44:02 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2274)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2274\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2274\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-2274 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.(CVE-2017-5754)\n\nThe ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.(CVE-2017-5897)\n\nThe vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device.(CVE-2017-7261)\n\nThe KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.(CVE-2017-7472)\n\nA flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.(CVE-2017-7518)\n\nThe kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument.(CVE-2018-10124)\n\nThe xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.(CVE-2018-10323)\n\nThe Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery.(CVE-2018-1066)\n\nThe do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.(CVE-2018-10675)\n\nAn issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~514.44.5.10.h232\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~514.44.5.10.h232\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~514.44.5.10.h232\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~514.44.5.10.h232\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~514.44.5.10.h232\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~514.44.5.10.h232\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~514.44.5.10.h232\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~514.44.5.10.h232\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~514.44.5.10.h232\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-03-05T16:42:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-03-03T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for kernel (FEDORA-2020-fe00e12580)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14815", "CVE-2019-19054", "CVE-2019-14816", "CVE-2018-12126", "CVE-2019-3900", "CVE-2019-15538", "CVE-2019-17666", "CVE-2019-18809", "CVE-2019-19057", "CVE-2019-18811", "CVE-2019-11478", "CVE-2019-15505", "CVE-2019-15504", "CVE-2019-14901", "CVE-2019-12378", "CVE-2019-17055", "CVE-2019-19058", "CVE-2019-0155", "CVE-2019-14896", "CVE-2019-19062", "CVE-2019-12380", "CVE-2019-19053", "CVE-2019-17054", "CVE-2019-19064", "CVE-2018-12207", "CVE-2019-19082", "CVE-2019-19059", "CVE-2019-19078", "CVE-2019-12455", "CVE-2018-12127", "CVE-2019-11135", "CVE-2019-13631", "CVE-2019-11884", "CVE-2019-10207", "CVE-2019-18812", "CVE-2019-19055", "CVE-2019-19043", "CVE-2019-12381", "CVE-2019-12379", "CVE-2019-12456", "CVE-2019-11477", "CVE-2019-19063", "CVE-2019-18808", "CVE-2019-14895", "CVE-2019-14897", "CVE-2019-12817", "CVE-2019-19066", "CVE-2019-12614", "CVE-2019-19068", "CVE-2019-19050", "CVE-2019-19071", "CVE-2019-0154", "CVE-2019-17052", "CVE-2019-19073", "CVE-2019-19077", "CVE-2019-19070", "CVE-2019-19046", "CVE-2019-12454", "CVE-2019-16232", "CVE-2019-12382", "CVE-2019-14821", "CVE-2019-3846", "CVE-2019-19074", "CVE-2020-2732", "CVE-2019-14814", "CVE-2019-19056", "CVE-2019-10126", "CVE-2019-11479", "CVE-2019-11091", "CVE-2019-19072", "CVE-2019-17053", "CVE-2018-12130", "CVE-2019-17056"], "modified": "2020-03-03T00:00:00", "id": "OPENVAS:1361412562310877540", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877540", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877540\");\n script_version(\"2020-03-03T12:05:12+0000\");\n script_cve_id(\"CVE-2020-2732\", \"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18811\", \"CVE-2019-18812\", \"CVE-2019-16232\", \"CVE-2019-19082\", \"CVE-2019-14895\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-14901\", \"CVE-2019-19078\", \"CVE-2019-19077\", \"CVE-2019-19074\", \"CVE-2019-19073\", \"CVE-2019-19072\", \"CVE-2019-19071\", \"CVE-2019-19070\", \"CVE-2019-19068\", \"CVE-2019-19043\", \"CVE-2019-19066\", \"CVE-2019-19046\", \"CVE-2019-19050\", \"CVE-2019-19062\", \"CVE-2019-19064\", \"CVE-2019-19063\", \"CVE-2019-19059\", \"CVE-2019-19058\", \"CVE-2019-19057\", \"CVE-2019-19053\", \"CVE-2019-19056\", \"CVE-2019-19055\", \"CVE-2019-19054\", \"CVE-2019-11135\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-17666\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-14821\", \"CVE-2019-15504\", \"CVE-2019-15505\", \"CVE-2019-15538\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-10207\", \"CVE-2019-13631\", \"CVE-2019-12817\", \"CVE-2019-11477\", \"CVE-2019-11479\", \"CVE-2019-11478\", \"CVE-2019-10126\", \"CVE-2019-12614\", \"CVE-2019-12456\", \"CVE-2019-12455\", \"CVE-2019-12454\", \"CVE-2019-12378\", \"CVE-2019-3846\", \"CVE-2019-12380\", \"CVE-2019-12381\", \"CVE-2019-12382\", \"CVE-2019-12379\", \"CVE-2018-12126\", \"CVE-2018-12127\", \"CVE-2018-12130\", \"CVE-2019-11091\", \"CVE-2019-11884\", \"CVE-2019-3900\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-03 12:05:12 +0000 (Tue, 03 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-03 04:05:37 +0000 (Tue, 03 Mar 2020)\");\n script_name(\"Fedora: Security Advisory for kernel (FEDORA-2020-fe00e12580)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2020-fe00e12580\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZOFTJGUZTTN5MTRD22BHK5V4KHH5GD5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2020-fe00e12580 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.5.7~100.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-20T22:38:39", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-02-18T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for kernel (FEDORA-2020-2a5cdd665c)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14815", "CVE-2019-19054", "CVE-2019-14816", "CVE-2018-12126", "CVE-2019-3900", "CVE-2019-15538", "CVE-2019-17666", "CVE-2019-18809", "CVE-2019-19057", "CVE-2019-18811", "CVE-2019-11478", "CVE-2019-15505", "CVE-2019-15504", "CVE-2019-14901", "CVE-2019-12378", "CVE-2019-17055", "CVE-2019-19058", "CVE-2019-0155", "CVE-2019-14896", "CVE-2019-19062", "CVE-2019-12380", "CVE-2019-19053", "CVE-2019-17054", "CVE-2019-19064", "CVE-2018-12207", "CVE-2019-19082", "CVE-2019-19059", "CVE-2019-19078", "CVE-2019-12455", "CVE-2018-12127", "CVE-2019-11135", "CVE-2019-13631", "CVE-2019-11884", "CVE-2019-10207", "CVE-2019-18812", "CVE-2019-19055", "CVE-2019-19043", "CVE-2019-12381", "CVE-2019-12379", "CVE-2019-12456", "CVE-2019-11477", "CVE-2019-19063", "CVE-2019-18808", "CVE-2019-14895", "CVE-2019-14897", "CVE-2019-12817", "CVE-2019-19066", "CVE-2019-12614", "CVE-2019-19068", "CVE-2019-19050", "CVE-2019-19071", "CVE-2019-0154", "CVE-2019-17052", "CVE-2019-19073", "CVE-2019-19077", "CVE-2019-19070", "CVE-2019-19046", "CVE-2019-12454", "CVE-2019-16232", "CVE-2019-12382", "CVE-2019-14821", "CVE-2019-3846", "CVE-2019-19074", "CVE-2019-14814", "CVE-2019-19056", "CVE-2019-10126", "CVE-2019-11479", "CVE-2019-11091", "CVE-2019-19072", "CVE-2019-17053", "CVE-2018-12130", "CVE-2019-17056"], "modified": "2020-02-20T00:00:00", "id": "OPENVAS:1361412562310877476", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877476", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877476\");\n script_version(\"2020-02-20T11:12:08+0000\");\n script_cve_id(\"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18811\", \"CVE-2019-18812\", \"CVE-2019-16232\", \"CVE-2019-19082\", \"CVE-2019-14895\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-14901\", \"CVE-2019-19078\", \"CVE-2019-19077\", \"CVE-2019-19074\", \"CVE-2019-19073\", \"CVE-2019-19072\", \"CVE-2019-19071\", \"CVE-2019-19070\", \"CVE-2019-19068\", \"CVE-2019-19043\", \"CVE-2019-19066\", \"CVE-2019-19046\", \"CVE-2019-19050\", \"CVE-2019-19062\", \"CVE-2019-19064\", \"CVE-2019-19063\", \"CVE-2019-19059\", \"CVE-2019-19058\", \"CVE-2019-19057\", \"CVE-2019-19053\", \"CVE-2019-19056\", \"CVE-2019-19055\", \"CVE-2019-19054\", \"CVE-2019-11135\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-17666\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-14821\", \"CVE-2019-15504\", \"CVE-2019-15505\", \"CVE-2019-15538\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-10207\", \"CVE-2019-13631\", \"CVE-2019-12817\", \"CVE-2019-11477\", \"CVE-2019-11479\", \"CVE-2019-11478\", \"CVE-2019-10126\", \"CVE-2019-12614\", \"CVE-2019-12456\", \"CVE-2019-12455\", \"CVE-2019-12454\", \"CVE-2019-12378\", \"CVE-2019-3846\", \"CVE-2019-12380\", \"CVE-2019-12381\", \"CVE-2019-12382\", \"CVE-2019-12379\", \"CVE-2018-12126\", \"CVE-2018-12127\", \"CVE-2018-12130\", \"CVE-2019-11091\", \"CVE-2019-11884\", \"CVE-2019-3900\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-20 11:12:08 +0000 (Thu, 20 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-18 04:05:21 +0000 (Tue, 18 Feb 2020)\");\n script_name(\"Fedora: Security Advisory for kernel (FEDORA-2020-2a5cdd665c)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2020-2a5cdd665c\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7C6G6E5N2AMQM2X2DQYHTDCC35GNZBHQ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2020-2a5cdd665c advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.4.19~100.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-29T18:33:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-27T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for kernel (FEDORA-2020-c2d89d14d0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14815", "CVE-2019-19054", "CVE-2019-14816", "CVE-2018-12126", "CVE-2019-3900", "CVE-2019-15538", "CVE-2019-17666", "CVE-2019-18809", "CVE-2019-19057", "CVE-2019-18811", "CVE-2019-11478", "CVE-2019-15505", "CVE-2019-15504", "CVE-2019-14901", "CVE-2019-12378", "CVE-2019-17055", "CVE-2019-19058", "CVE-2019-0155", "CVE-2019-14896", "CVE-2019-19062", "CVE-2019-12380", "CVE-2019-19053", "CVE-2019-17054", "CVE-2019-19064", "CVE-2018-12207", "CVE-2019-19082", "CVE-2019-19059", "CVE-2019-19078", "CVE-2019-12455", "CVE-2018-12127", "CVE-2019-11135", "CVE-2019-13631", "CVE-2019-11884", "CVE-2019-10207", "CVE-2019-18812", "CVE-2019-19055", "CVE-2019-19043", "CVE-2019-12381", "CVE-2019-12379", "CVE-2019-12456", "CVE-2019-11477", "CVE-2019-19063", "CVE-2019-18808", "CVE-2019-14895", "CVE-2019-14897", "CVE-2019-12817", "CVE-2019-19066", "CVE-2019-12614", "CVE-2019-19068", "CVE-2019-19050", "CVE-2019-19071", "CVE-2019-0154", "CVE-2019-17052", "CVE-2019-19073", "CVE-2019-19077", "CVE-2019-19070", "CVE-2019-19046", "CVE-2019-12454", "CVE-2019-16232", "CVE-2019-12382", "CVE-2019-14821", "CVE-2019-3846", "CVE-2019-19074", "CVE-2019-14814", "CVE-2019-19056", "CVE-2019-10126", "CVE-2019-11479", "CVE-2019-11091", "CVE-2019-19072", "CVE-2019-17053", "CVE-2018-12130", "CVE-2019-17056"], "modified": "2020-01-28T00:00:00", "id": "OPENVAS:1361412562310877370", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877370", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877370\");\n script_version(\"2020-01-28T10:45:23+0000\");\n script_cve_id(\"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18811\", \"CVE-2019-18812\", \"CVE-2019-16232\", \"CVE-2019-19082\", \"CVE-2019-14895\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-14901\", \"CVE-2019-19078\", \"CVE-2019-19077\", \"CVE-2019-19074\", \"CVE-2019-19073\", \"CVE-2019-19072\", \"CVE-2019-19071\", \"CVE-2019-19070\", \"CVE-2019-19068\", \"CVE-2019-19043\", \"CVE-2019-19066\", \"CVE-2019-19046\", \"CVE-2019-19050\", \"CVE-2019-19062\", \"CVE-2019-19064\", \"CVE-2019-19063\", \"CVE-2019-19059\", \"CVE-2019-19058\", \"CVE-2019-19057\", \"CVE-2019-19053\", \"CVE-2019-19056\", \"CVE-2019-19055\", \"CVE-2019-19054\", \"CVE-2019-11135\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-17666\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-14821\", \"CVE-2019-15504\", \"CVE-2019-15505\", \"CVE-2019-15538\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-10207\", \"CVE-2019-13631\", \"CVE-2019-12817\", \"CVE-2019-11477\", \"CVE-2019-11479\", \"CVE-2019-11478\", \"CVE-2019-10126\", \"CVE-2019-12614\", \"CVE-2019-12456\", \"CVE-2019-12455\", \"CVE-2019-12454\", \"CVE-2019-12378\", \"CVE-2019-3846\", \"CVE-2019-12380\", \"CVE-2019-12381\", \"CVE-2019-12382\", \"CVE-2019-12379\", \"CVE-2018-12126\", \"CVE-2018-12127\", \"CVE-2018-12130\", \"CVE-2019-11091\", \"CVE-2019-11884\", \"CVE-2019-3900\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 10:45:23 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-27 09:24:03 +0000 (Mon, 27 Jan 2020)\");\n script_name(\"Fedora: Security Advisory for kernel (FEDORA-2020-c2d89d14d0)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2020-c2d89d14d0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XEWDXG77JFOCPGII7TF26YRUQQH7SVPP\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2020-c2d89d14d0 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.4.12~100.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-19T14:46:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-12-08T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-124a241044", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14815", "CVE-2019-19054", "CVE-2019-14816", "CVE-2018-12126", "CVE-2019-3900", "CVE-2019-15538", "CVE-2019-17666", "CVE-2019-18809", "CVE-2019-19057", "CVE-2019-18811", "CVE-2019-11478", "CVE-2019-15505", "CVE-2019-15504", "CVE-2019-14901", "CVE-2019-12378", "CVE-2019-17055", "CVE-2019-19058", "CVE-2019-0155", "CVE-2019-14896", "CVE-2019-19062", "CVE-2019-12380", "CVE-2019-19053", "CVE-2019-17054", "CVE-2019-19064", "CVE-2018-12207", "CVE-2019-19082", "CVE-2019-19059", "CVE-2019-19078", "CVE-2019-12455", "CVE-2018-12127", "CVE-2019-11135", "CVE-2019-13631", "CVE-2019-11884", "CVE-2019-10207", "CVE-2019-18812", "CVE-2019-19055", "CVE-2019-19043", "CVE-2019-12381", "CVE-2019-12379", "CVE-2019-12456", "CVE-2019-11477", "CVE-2019-19063", "CVE-2019-18808", "CVE-2019-14895", "CVE-2019-14897", "CVE-2019-12817", "CVE-2019-19066", "CVE-2019-12614", "CVE-2019-19068", "CVE-2019-19050", "CVE-2019-19071", "CVE-2019-0154", "CVE-2019-17052", "CVE-2019-19073", "CVE-2019-19077", "CVE-2019-19070", "CVE-2019-19046", "CVE-2019-12454", "CVE-2019-16232", "CVE-2019-12382", "CVE-2019-14821", "CVE-2019-18660", "CVE-2019-3846", "CVE-2019-19074", "CVE-2019-14814", "CVE-2019-19056", "CVE-2019-10126", "CVE-2019-11479", "CVE-2019-11091", "CVE-2019-19072", "CVE-2019-17053", "CVE-2018-12130", "CVE-2019-17056"], "modified": "2019-12-18T00:00:00", "id": "OPENVAS:1361412562310877070", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877070", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877070\");\n script_version(\"2019-12-18T09:57:42+0000\");\n script_cve_id(\"CVE-2019-18808\", \"CVE-2019-18809\", \"CVE-2019-18811\", \"CVE-2019-18812\", \"CVE-2019-16232\", \"CVE-2019-19082\", \"CVE-2019-14895\", \"CVE-2019-14896\", \"CVE-2019-14897\", \"CVE-2019-14901\", \"CVE-2019-19078\", \"CVE-2019-19077\", \"CVE-2019-19074\", \"CVE-2019-19073\", \"CVE-2019-19072\", \"CVE-2019-19071\", \"CVE-2019-19070\", \"CVE-2019-19068\", \"CVE-2019-19043\", \"CVE-2019-19066\", \"CVE-2019-19046\", \"CVE-2019-19050\", \"CVE-2019-19062\", \"CVE-2019-19064\", \"CVE-2019-19063\", \"CVE-2019-19059\", \"CVE-2019-19058\", \"CVE-2019-19057\", \"CVE-2019-19053\", \"CVE-2019-19056\", \"CVE-2019-19055\", \"CVE-2019-19054\", \"CVE-2019-11135\", \"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-17666\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-14821\", \"CVE-2019-15504\", \"CVE-2019-15505\", \"CVE-2019-15538\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-10207\", \"CVE-2019-13631\", \"CVE-2019-12817\", \"CVE-2019-11477\", \"CVE-2019-11479\", \"CVE-2019-11478\", \"CVE-2019-10126\", \"CVE-2019-12614\", \"CVE-2019-12456\", \"CVE-2019-12455\", \"CVE-2019-12454\", \"CVE-2019-12378\", \"CVE-2019-3846\", \"CVE-2019-12380\", \"CVE-2019-12381\", \"CVE-2019-12382\", \"CVE-2019-12379\", \"CVE-2018-12126\", \"CVE-2018-12127\", \"CVE-2018-12130\", \"CVE-2019-11091\", \"CVE-2019-11884\", \"CVE-2019-3900\", \"CVE-2019-18660\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-18 09:57:42 +0000 (Wed, 18 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-12-08 03:30:53 +0000 (Sun, 08 Dec 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-124a241044\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-124a241044\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWWOOJKZ4NQYN4RMFIVJ3ZIXKJJI3MKP\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-124a241044 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.3.14~200.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:40:37", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2353)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15219", "CVE-2017-7472", "CVE-2019-14815", "CVE-2019-15098", "CVE-2016-2384", "CVE-2016-2782", "CVE-2018-3693", "CVE-2017-14051", "CVE-2019-15218", "CVE-2017-7261", "CVE-2019-14816", "CVE-2015-3332", "CVE-2017-13216", "CVE-2017-18595", "CVE-2018-10880", "CVE-2019-15217", "CVE-2019-0136", "CVE-2019-17666", "CVE-2019-14284", "CVE-2019-15807", "CVE-2016-3689", "CVE-2019-15216", "CVE-2019-15505", "CVE-2019-12378", "CVE-2019-17055", "CVE-2016-3139", "CVE-2015-9289", "CVE-2019-15118", "CVE-2017-18551", "CVE-2016-2186", "CVE-2019-13648", "CVE-2019-17054", "CVE-2014-1446", "CVE-2016-2187", "CVE-2018-10675", "CVE-2019-13631", "CVE-2019-15220", "CVE-2016-4569", "CVE-2016-7425", "CVE-2017-13305", "CVE-2017-1000379", "CVE-2016-2184", "CVE-2019-17075", "CVE-2019-15927", "CVE-2017-18232", "CVE-2019-10140", "CVE-2019-12381", "CVE-2018-18710", "CVE-2019-12379", "CVE-2019-14835", "CVE-2019-15213", "CVE-2019-9503", "CVE-2015-1350", "CVE-2019-15212", "CVE-2019-12456", "CVE-2019-15221", "CVE-2018-10322", "CVE-2018-20856", "CVE-2019-12818", "CVE-2018-17972", "CVE-2019-10142", "CVE-2016-3138", "CVE-2018-10323", "CVE-2019-15292", "CVE-2016-3140", "CVE-2019-17052", "CVE-2018-20976", "CVE-2017-18509", "CVE-2016-4578", "CVE-2015-8816", "CVE-2019-15214", "CVE-2016-2185", "CVE-2018-9518", "CVE-2018-10087", "CVE-2019-16232", "CVE-2019-14821", "CVE-2019-3846", "CVE-2018-10124", "CVE-2019-2101", "CVE-2019-15916", "CVE-2016-4580", "CVE-2017-11089", "CVE-2019-15926", "CVE-2019-14814", "CVE-2018-6412", "CVE-2017-13167", "CVE-2019-15291", "CVE-2019-3882", "CVE-2019-17053", "CVE-2019-1125", "CVE-2018-12896", "CVE-2019-17133", "CVE-2019-16413", "CVE-2018-20511", "CVE-2019-17056", "CVE-2019-14283"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192353", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192353", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2353\");\n script_version(\"2020-01-23T14:09:13+0000\");\n script_cve_id(\"CVE-2014-1446\", \"CVE-2015-1350\", \"CVE-2015-3332\", \"CVE-2015-8816\", \"CVE-2015-9289\", \"CVE-2016-2184\", \"CVE-2016-2185\", \"CVE-2016-2186\", \"CVE-2016-2187\", \"CVE-2016-2384\", \"CVE-2016-2782\", \"CVE-2016-3138\", \"CVE-2016-3139\", \"CVE-2016-3140\", \"CVE-2016-3689\", \"CVE-2016-4569\", \"CVE-2016-4578\", \"CVE-2016-4580\", \"CVE-2016-7425\", \"CVE-2017-1000379\", \"CVE-2017-11089\", \"CVE-2017-13167\", \"CVE-2017-13216\", \"CVE-2017-13305\", \"CVE-2017-14051\", \"CVE-2017-18232\", \"CVE-2017-18509\", \"CVE-2017-18551\", \"CVE-2017-18595\", \"CVE-2017-7261\", \"CVE-2017-7472\", \"CVE-2018-10087\", \"CVE-2018-10124\", \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-10675\", \"CVE-2018-10880\", \"CVE-2018-12896\", \"CVE-2018-17972\", \"CVE-2018-18710\", \"CVE-2018-20511\", \"CVE-2018-20856\", \"CVE-2018-20976\", \"CVE-2018-3693\", \"CVE-2018-6412\", \"CVE-2018-9518\", \"CVE-2019-0136\", \"CVE-2019-10140\", \"CVE-2019-10142\", \"CVE-2019-1125\", \"CVE-2019-12378\", \"CVE-2019-12379\", \"CVE-2019-12381\", \"CVE-2019-12456\", \"CVE-2019-12818\", \"CVE-2019-13631\", \"CVE-2019-13648\", \"CVE-2019-14283\", \"CVE-2019-14284\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-14821\", \"CVE-2019-14835\", \"CVE-2019-15098\", \"CVE-2019-15118\", \"CVE-2019-15212\", \"CVE-2019-15213\", \"CVE-2019-15214\", \"CVE-2019-15216\", \"CVE-2019-15217\", \"CVE-2019-15218\", \"CVE-2019-15219\", \"CVE-2019-15220\", \"CVE-2019-15221\", \"CVE-2019-15291\", \"CVE-2019-15292\", \"CVE-2019-15505\", \"CVE-2019-15807\", \"CVE-2019-15916\", \"CVE-2019-15926\", \"CVE-2019-15927\", \"CVE-2019-16232\", \"CVE-2019-16413\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17075\", \"CVE-2019-17133\", \"CVE-2019-17666\", \"CVE-2019-2101\", \"CVE-2019-3846\", \"CVE-2019-3882\", \"CVE-2019-9503\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 14:09:13 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:47:59 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2353)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2353\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2353\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-2353 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The yam_ioctl function in drivers et/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG ioctl call.(CVE-2014-1446)\n\nThe VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.(CVE-2015-1350)\n\nA certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable-tcp-fast-open URL when using certain 3.10.x through 3.16.x kernel builds, including longterm-maintenance releases and ckt (aka Canonical Kernel Team) builds.(CVE-2015-3332)\n\nThe hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.(CVE-2015-8816)\n\nIn the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23.(CVE-2015-9289)\n\nThe create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.(CVE-2016-2184)\n\nThe ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.(CVE-2016-2185)\n\nThe powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-05-24T14:31:14", "description": "The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2019-17666: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c lacked a certain upper-bound check, leading to a buffer overflow (bnc#1154372).\n\n - CVE-2019-16232:\n drivers/net/wireless/marvell/libertas/if_sdio.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150465).\n\n - CVE-2019-16234:\n drivers/net/wireless/intel/iwlwifi/pcie/trans.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150452).\n\n - CVE-2019-17133: cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c did not reject a long SSID IE, leading to a Buffer Overflow (bnc#1153158).\n\n - CVE-2019-17056: llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module did not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176 (bnc#1152788).\n\nThe following non-security bugs were fixed :\n\n - 9p: avoid attaching writeback_fid on mmap with type PRIVATE (bsc#1051510).\n\n - ACPI / CPPC: do not require the _PSD method (bsc#1051510).\n\n - ACPI: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit() (bsc#1051510).\n\n - ACPI / processor: do not print errors for processorIDs == 0xff (bsc#1051510).\n\n - act_mirred: Fix mirred_init_module error handling (bsc#1051510).\n\n - Add kernel module compression support (bsc#1135854) For enabling the kernel module compress, add the item COMPRESS_MODULES='xz' in config.sh, then mkspec will pass it to the spec file.\n\n - ALSA: hda - Add laptop imic fixup for ASUS M9V laptop (bsc#1051510).\n\n - ALSA: hda: Add support of Zhaoxin controller (bsc#1051510).\n\n - ALSA: hda - Apply AMD controller workaround for Raven platform (bsc#1051510).\n\n - ALSA: hda - Define a fallback_pin_fixup_tbl for alc269 family (bsc#1051510).\n\n - ALSA: hda - Drop unsol event handler for Intel HDMI codecs (bsc#1051510).\n\n - ALSA: hda - Expand pin_match function to match upcoming new tbls (bsc#1051510).\n\n - ALSA: hda: Flush interrupts on disabling (bsc#1051510).\n\n - ALSA: hda/hdmi: remove redundant assignment to variable pcm_idx (bsc#1051510).\n\n - ALSA: hda - Inform too slow responses (bsc#1051510).\n\n - ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93 (bsc#1051510).\n\n - ALSA: hda/realtek - Check beep whitelist before assigning in all codecs (bsc#1051510).\n\n - ALSA: hda/realtek - Fix alienware headset mic (bsc#1051510).\n\n - ALSA: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 (bsc#1051510).\n\n - ALSA: hda: Set fifo_size for both playback and capture streams (bsc#1051510).\n\n - ALSA: hda - Show the fatal CORB/RIRB error more clearly (bsc#1051510).\n\n - ALSA: hda/sigmatel - remove unused variable 'stac9200_core_init' (bsc#1051510).\n\n - ALSA: i2c: ak4xxx-adda: Fix a possible NULL pointer dereference in build_adc_controls() (bsc#1051510).\n\n - ALSA: line6: sizeof (byte) is always 1, use that fact (bsc#1051510).\n\n - ALSA: usb-audio: Add Pioneer DDJ-SX3 PCM quirck (bsc#1051510).\n\n - ALSA: usb-audio: Disable quirks for BOSS Katana amplifiers (bsc#1051510).\n\n - ALSA: usb-audio: Skip bSynchAddress endpoint check if it is invalid (bsc#1051510).\n\n - appletalk: enforce CAP_NET_RAW for raw sockets (bsc#1051510).\n\n - ASoC: Define a set of DAPM pre/post-up events (bsc#1051510).\n\n - ASoC: dmaengine: Make the pcm->name equal to pcm->id if the name is not set (bsc#1051510).\n\n - ASoC: Intel: Fix use of potentially uninitialized variable (bsc#1051510).\n\n - ASoC: Intel: NHLT: Fix debug print format (bsc#1051510).\n\n - ASoC: sgtl5000: Fix charge pump source assignment (bsc#1051510).\n\n - auxdisplay: panel: need to delete scan_timer when misc_register fails in panel_attach (bsc#1051510).\n\n - ax25: enforce CAP_NET_RAW for raw sockets (bsc#1051510).\n\n - blacklist 'signal: Correct namespace fixups of si_pid and si_uid' (bsc#1142667)\n\n - blk-wbt: abstract out end IO completion handler (bsc#1135873).\n\n - blk-wbt: fix has-sleeper queueing check (bsc#1135873).\n\n - blk-wbt: improve waking of tasks (bsc#1135873).\n\n - blk-wbt: move disable check into get_limit() (bsc#1135873).\n\n - blk-wbt: use wq_has_sleeper() for wq active check (bsc#1135873).\n\n - block: add io timeout to sysfs (bsc#1148410).\n\n - block: do not show io_timeout if driver has no timeout handler (bsc#1148410).\n\n - bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices (bsc#1051510).\n\n - bnx2x: Fix VF's VLAN reconfiguration in reload (bsc#1086323 ).\n\n - bridge/mdb: remove wrong use of NLM_F_MULTI (networking-stable-19_09_15).\n\n - btrfs: bail out gracefully rather than BUG_ON (bsc#1153646).\n\n - btrfs: check for the full sync flag while holding the inode lock during fsync (bsc#1153713).\n\n - btrfs: Ensure btrfs_init_dev_replace_tgtdev sees up to date values (bsc#1154651).\n\n - btrfs: Ensure replaced device does not have pending chunk allocation (bsc#1154607).\n\n - btrfs: remove wrong use of volume_mutex from btrfs_dev_replace_start (bsc#1154651).\n\n - can: mcp251x: mcp251x_hw_reset(): allow more time after a reset (bsc#1051510).\n\n - can: xilinx_can: xcan_probe(): skip error message on deferred probe (bsc#1051510).\n\n - cdc_ether: fix rndis support for Mediatek based smartphones (networking-stable-19_09_15).\n\n - cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize (bsc#1051510).\n\n - ceph: fix directories inode i_blkbits initialization (bsc#1153717).\n\n - ceph: reconnect connection if session hang in opening state (bsc#1153718).\n\n - ceph: update the mtime when truncating up (bsc#1153719).\n\n - cfg80211: add and use strongly typed element iteration macros (bsc#1051510).\n\n - cfg80211: Purge frame registrations on iftype change (bsc#1051510).\n\n - clk: at91: select parent if main oscillator or bypass is enabled (bsc#1051510).\n\n - clk: qoriq: Fix -Wunused-const-variable (bsc#1051510).\n\n - clk: sirf: Do not reference clk_init_data after registration (bsc#1051510).\n\n - clk: zx296718: Do not reference clk_init_data after registration (bsc#1051510).\n\n - crypto: talitos - fix missing break in switch statement (bsc#1142635).\n\n - cxgb4: fix endianness for vlan value in cxgb4_tc_flower (bsc#1064802 bsc#1066129).\n\n - cxgb4: offload VLAN flows regardless of VLAN ethtype (bsc#1064802 bsc#1066129).\n\n - cxgb4: reduce kernel stack usage in cudbg_collect_mem_region() (bsc#1073513).\n\n - cxgb4: Signedness bug in init_one() (bsc#1097585 bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584).\n\n - cxgb4: smt: Add lock for atomic_dec_and_test (bsc#1064802 bsc#1066129).\n\n - dasd_fba: Display '00000000' for zero page when dumping sense\n\n - /dev/mem: Bail out upon SIGKILL (git-fixes).\n\n - drm/amdgpu: Check for valid number of registers to read (bsc#1051510).\n\n - drm/amdgpu/si: fix ASIC tests (git-fixes).\n\n - drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2) (bsc#1051510).\n\n - drm/ast: Fixed reboot test may cause system hanged (bsc#1051510).\n\n - drm/bridge: tc358767: Increase AUX transfer length limit (bsc#1051510).\n\n - drm: Flush output polling on shutdown (bsc#1051510).\n\n - drm/msm/dsi: Implement reset correctly (bsc#1051510).\n\n - drm/panel: simple: fix AUO g185han01 horizontal blanking (bsc#1051510).\n\n - drm/radeon: Fix EEH during kexec (bsc#1051510).\n\n - drm/tilcdc: Register cpufreq notifier after we have initialized crtc (bsc#1051510).\n\n - drm/vmwgfx: Fix double free in vmw_recv_msg() (bsc#1051510).\n\n - e1000e: add workaround for possible stalled packet (bsc#1051510).\n\n - firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices (git-fixes).\n\n - Fix AMD IOMMU kABI (bsc#1154610).\n\n - Fix KVM kABI after x86 mmu backports (bsc#1117665).\n\n - gpu: drm: radeon: Fix a possible NULL pointer dereference in radeon_connector_set_property() (bsc#1051510).\n\n - HID: apple: Fix stuck function keys when using FN (bsc#1051510).\n\n - HID: hidraw: Fix invalid read in hidraw_ioctl (bsc#1051510).\n\n - HID: logitech: Fix general protection fault caused by Logitech driver (bsc#1051510).\n\n - HID: prodikeys: Fix general protection fault during probe (bsc#1051510).\n\n - HID: sony: Fix memory corruption issue on cleanup (bsc#1051510).\n\n - hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap' (bsc#1051510).\n\n - hwrng: core - do not wait on add_early_randomness() (git-fixes).\n\n - i2c: riic: Clear NACK in tend isr (bsc#1051510).\n\n - IB/core, ipoib: Do not overreact to SM LID change event (bsc#1154108)\n\n - IB/hfi1: Remove overly conservative VM_EXEC flag check (bsc#1144449).\n\n - IB/mlx5: Consolidate use_umr checks into single function (bsc#1093205).\n\n - IB/mlx5: Fix MR re-registration flow to use UMR properly (bsc#1093205).\n\n - IB/mlx5: Report correctly tag matching rendezvous capability (bsc#1046305).\n\n - ieee802154: atusb: fix use-after-free at disconnect (bsc#1051510).\n\n - ieee802154: enforce CAP_NET_RAW for raw sockets (bsc#1051510).\n\n - iio: adc: ad799x: fix probe error handling (bsc#1051510).\n\n - iio: light: opt3001: fix mutex unlock race (bsc#1051510).\n\n - ima: always return negative code for error (bsc#1051510).\n\n - Input: da9063 - fix capability and drop KEY_SLEEP (bsc#1051510).\n\n - iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41 (bsc#1137799).\n\n - iommu/amd: Check PM_LEVEL_SIZE() condition in locked section (bsc#1154608).\n\n - iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems (bsc#1137799).\n\n - iommu/amd: Remove domain->updated (bsc#1154610).\n\n - iommu/amd: Wait for completion of IOTLB flush in attach_device (bsc#1154611).\n\n - ipmi_si: Only schedule continuously in the thread in maintenance mode (bsc#1051510).\n\n - ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()' (networking-stable-19_09_15).\n\n - ixgbe: Prevent u8 wrapping of ITR value to something less than 10us (bsc#1101674).\n\n - ixgbe: sync the first fragment unconditionally (bsc#1133140).\n\n - kabi: net: sched: act_sample: fix psample group handling on overwrite (networking-stable-19_09_05).\n\n - kabi/severities: Whitelist functions internal to radix mm. To call these functions you have to first detect if you are running in radix mm mode which can't be expected of OOT code.\n\n - kABI workaround for snd_hda_pick_pin_fixup() changes (bsc#1051510).\n\n - kernel-binary: Drop .kernel-binary.spec.buildenv (boo#1154578).\n\n - kernel-binary.spec.in: Fix build of non-modular kernels (boo#1154578).\n\n - kernel-subpackage-build: create zero size ghost for uncompressed vmlinux (bsc#1154354). It is not strictly necessary to uncompress it so maybe the ghost file can be 0 size in this case.\n\n - kernel/sysctl.c: do not override max_threads provided by userspace (bnc#1150875).\n\n - kvm: Convert kvm_lock to a mutex (bsc#1117665).\n\n - kvm: MMU: drop vcpu param in gpte_access (bsc#1117665).\n\n - kvm: PPC: Book3S HV: use smp_mb() when setting/clearing host_ipi flag (bsc#1061840).\n\n - kvm: x86: add tracepoints around __direct_map and FNAME(fetch) (bsc#1117665).\n\n - kvm: x86: adjust kvm_mmu_page member to save 8 bytes (bsc#1117665).\n\n - kvm: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (bsc#1117665).\n\n - kvm: x86: Do not release the page inside mmu_set_spte() (bsc#1117665).\n\n - kvm: x86: make FNAME(fetch) and __direct_map more similar (bsc#1117665).\n\n - kvm: x86, powerpc: do not allow clearing largepages debugfs entry (bsc#1117665).\n\n - kvm: x86: remove now unneeded hugepage gfn adjustment (bsc#1117665).\n\n - libertas: Add missing sentinel at end of if_usb.c fw_table (bsc#1051510).\n\n - lib/mpi: Fix karactx leak in mpi_powm (bsc#1051510).\n\n - mac80211: accept deauth frames in IBSS mode (bsc#1051510).\n\n - macsec: drop skb sk before calling gro_cells_receive (bsc#1051510).\n\n - media: atmel: atmel-isc: fix asd memory allocation (bsc#1135642).\n\n - media: cpia2_usb: fix memory leaks (bsc#1051510).\n\n - media: dvb-core: fix a memory leak bug (bsc#1051510).\n\n - media: exynos4-is: fix leaked of_node references (bsc#1051510).\n\n - media: gspca: zero usb_buf on error (bsc#1051510).\n\n - media: hdpvr: Add device num check and handling (bsc#1051510).\n\n - media: hdpvr: add terminating 0 at end of string (bsc#1051510).\n\n - media: i2c: ov5645: Fix power sequence (bsc#1051510).\n\n - media: iguanair: add sanity checks (bsc#1051510).\n\n - media: omap3isp: Do not set streaming state on random subdevs (bsc#1051510).\n\n - media: omap3isp: Set device on omap3isp subdevs (bsc#1051510).\n\n - media: ov9650: add a sanity check (bsc#1051510).\n\n - media: radio/si470x: kill urb on error (bsc#1051510).\n\n - media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate() (bsc#1051510).\n\n - media: saa7146: add cleanup in hexium_attach() (bsc#1051510).\n\n - media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table (bsc#1051510).\n\n - media: stkwebcam: fix runtime PM after driver unbind (bsc#1051510).\n\n - media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() (bsc#1051510).\n\n - memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' (bsc#1051510).\n\n - mfd: intel-lpss: Remove D3cold delay (bsc#1051510).\n\n - mISDN: enforce CAP_NET_RAW for raw sockets (bsc#1051510).\n\n - mld: fix memory leak in mld_del_delrec() (networking-stable-19_09_05).\n\n - mmc: sdhci: Fix incorrect switch to HS mode (bsc#1051510).\n\n - mmc: sdhci: improve ADMA error reporting (bsc#1051510).\n\n - mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence (bsc#1051510).\n\n - net: Fix null de-reference of device refcount (networking-stable-19_09_15).\n\n - net: fix skb use after free in netpoll (networking-stable-19_09_05).\n\n - net: gso: Fix skb_segment splat when splitting gso_size mangled skb having linear-headed frag_list (networking-stable-19_09_15).\n\n - net/ibmvnic: Fix EOI when running in XIVE mode (bsc#1089644, ltc#166495, ltc#165544, git-fixes).\n\n - net/mlx4_en: fix a memory leak bug (bsc#1046299).\n\n - net/mlx5: Add device ID of upcoming BlueField-2 (bsc#1046303 ).\n\n - net/mlx5: Fix error handling in mlx5_load() (bsc#1046305 ).\n\n - net: sched: act_sample: fix psample group handling on overwrite (networking-stable-19_09_05).\n\n - net: stmmac: dwmac-rk: Do not fail if phy regulator is absent (networking-stable-19_09_05).\n\n - nfc: fix attrs checks in netlink interface (bsc#1051510).\n\n - nfc: fix memory leak in llcp_sock_bind() (bsc#1051510).\n\n - nfc: pn533: fix use-after-free and memleaks (bsc#1051510).\n\n - objtool: Clobber user CFLAGS variable (bsc#1153236).\n\n - PCI: Correct pci=resource_alignment parameter example (bsc#1051510).\n\n - PCI: dra7xx: Fix legacy INTD IRQ handling (bsc#1087092).\n\n - PCI: hv: Use bytes 4 and 5 from instance ID as the PCI domain numbers (bsc#1153263).\n\n - PCI: PM: Fix pci_power_up() (bsc#1051510).\n\n - pinctrl: tegra: Fix write barrier placement in pmx_writel (bsc#1051510).\n\n - platform/x86: classmate-laptop: remove unused variable (bsc#1051510).\n\n - platform/x86: pmc_atom: Add Siemens SIMATIC IPC277E to critclk_systems DMI table (bsc#1051510).\n\n - powerpc/64s/pseries: radix flush translations before MMU is enabled at boot (bsc#1055186).\n\n - powerpc/64s/radix: keep kernel ERAT over local process/guest invalidates (bsc#1055186).\n\n - powerpc/64s/radix: tidy up TLB flushing code (bsc#1055186).\n\n - powerpc/64s: Rename PPC_INVALIDATE_ERAT to PPC_ISA_3_0_INVALIDATE_ERAT (bsc#1055186).\n\n - powerpc/mm/book3s64: Move book3s64 code to pgtable-book3s64 (bsc#1055186).\n\n - powerpc/mm: mark more tlb functions as __always_inline (bsc#1055186).\n\n - powerpc/mm: Properly invalidate when setting process table base (bsc#1055186).\n\n - powerpc/mm/radix: mark as __tlbie_pid() and friends as__always_inline (bsc#1055186).\n\n - powerpc/mm/radix: mark __radix__flush_tlb_range_psize() as __always_inline (bsc#1055186).\n\n - powerpc/pseries/mobility: use cond_resched when updating device tree (bsc#1153112 ltc#181778).\n\n - powerpc/pseries: Remove confusing warning message (bsc#1109158).\n\n - powerpc/rtas: allow rescheduling while changing cpu states (bsc#1153112 ltc#181778).\n\n - power: supply: sysfs: ratelimit property read error message (bsc#1051510).\n\n - Pull packaging cleanup from mkubecek.\n\n - qed: iWARP - Fix default window size to be based on chip (bsc#1050536 bsc#1050545).\n\n - qed: iWARP - Fix tc for MPA ll2 connection (bsc#1050536 bsc#1050545).\n\n - qed: iWARP - fix uninitialized callback (bsc#1050536 bsc#1050545).\n\n - qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state (bsc#1050536 bsc#1050545).\n\n - RDMA/bnxt_re: Fix spelling mistake 'missin_resp' -> 'missing_resp' (bsc#1050244).\n\n - RDMA: Fix goto target to release the allocated memory (bsc#1050244).\n\n - rtlwifi: rtl8192cu: Fix value set in descriptor (bsc#1142635).\n\n - sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero (networking-stable-19_09_15).\n\n - scripts/arch-symbols: add missing link.\n\n - scsi: lpfc: Fix null ptr oops updating lpfc_devloss_tmo via sysfs attribute (bsc#1140845).\n\n - scsi: lpfc: Fix propagation of devloss_tmo setting to nvme transport (bsc#1140883).\n\n - scsi: lpfc: Remove bg debugfs buffers (bsc#1144375).\n\n - scsi: qedf: fc_rport_priv reference counting fixes (bsc#1098291).\n\n - scsi: qedf: Modify abort and tmf handler to handle edge condition and flush (bsc#1098291).\n\n - scsi: storvsc: setup 1:1 mapping between hardware queue and CPU queue (bsc#1140729).\n\n - sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()' (networking-stable-19_09_15).\n\n - sctp: use transport pf_retrans in sctp_do_8_2_transport_strike (networking-stable-19_09_15).\n\n - Sign non-x86 kernels when possible (boo#1134303)\n\n - sock_diag: fix autoloading of the raw_diag module (bsc#1152791).\n\n - sock_diag: request _diag module only when the family or proto has been registered (bsc#1152791).\n\n - staging: vt6655: Fix memory leak in vt6655_probe (bsc#1051510).\n\n - tcp: Do not dequeue SYN/FIN-segments from write-queue (git-gixes).\n\n - tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR (networking-stable-19_09_15).\n\n - tcp: inherit timestamp on mtu probe (networking-stable-19_09_05).\n\n - tcp: remove empty skb from write queue in error cases (networking-stable-19_09_05).\n\n - thermal: Fix use-after-free when unregistering thermal zone device (bsc#1051510).\n\n - thermal_hwmon: Sanitize thermal_zone type (bsc#1051510).\n\n - tipc: add NULL pointer check before calling kfree_rcu (networking-stable-19_09_15).\n\n - tracing: Initialize iter->seq after zeroing in tracing_read_pipe() (bsc#1151508).\n\n - tun: fix use-after-free when register netdev failed (networking-stable-19_09_15).\n\n - tuntap: correctly set SOCKWQ_ASYNC_NOSPACE (bsc#1145099).\n\n - Update patches.suse/NFSv4-Check-the-return-value-of-update_open\n _stateid.patch (boo#1154189 bsc#1154747).\n\n - usb: adutux: fix NULL-derefs on disconnect (bsc#1142635).\n\n - usb: adutux: fix use-after-free on disconnect (bsc#1142635).\n\n - usb: adutux: fix use-after-free on release (bsc#1051510).\n\n - usb: chaoskey: fix use-after-free on release (bsc#1051510).\n\n - usb: dummy-hcd: fix power budget for SuperSpeed mode (bsc#1051510).\n\n - usb: iowarrior: fix use-after-free after driver unbind (bsc#1051510).\n\n - usb: iowarrior: fix use-after-free on disconnect (bsc#1051510).\n\n - usb: iowarrior: fix use-after-free on release (bsc#1051510).\n\n - usb: legousbtower: fix deadlock on disconnect (bsc#1142635).\n\n - usb: legousbtower: fix open after failed reset request (bsc#1142635).\n\n - usb: legousbtower: fix potential NULL-deref on disconnect (bsc#1142635).\n\n - usb: legousbtower: fix slab info leak at probe (bsc#1142635).\n\n - usb: legousbtower: fix use-after-free on release (bsc#1051510).\n\n - usb: microtek: fix info-leak at probe (bsc#1142635).\n\n - usbnet: ignore endpoints with invalid wMaxPacketSize (bsc#1051510).\n\n - usbnet: sanity checking of packet sizes and device mtu (bsc#1051510).\n\n - usb: serial: fix runtime PM after driver unbind (bsc#1051510).\n\n - usb: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 (bsc#1051510).\n\n - usb: serial: keyspan: fix NULL-derefs on open() and write() (bsc#1051510).\n\n - usb: serial: option: add support for Cinterion CLS8 devices (bsc#1051510).\n\n - usb: serial: option: add Telit FN980 compositions (bsc#1051510).\n\n - usb: usblcd: fix I/O after disconnect (bsc#1142635).\n\n - usb: usblp: fix runtime PM after driver unbind (bsc#1051510).\n\n - usb: usb-skeleton: fix NULL-deref on disconnect (bsc#1051510).\n\n - usb: usb-skeleton: fix runtime PM after driver unbind (bsc#1051510).\n\n - usb: usb-skeleton: fix use-after-free after driver unbind (bsc#1051510).\n\n - usb: xhci: wait for CNR controller not ready bit in xhci resume (bsc#1051510).\n\n - usb: yurex: Do not retry on unexpected errors (bsc#1051510).\n\n - usb: yurex: fix NULL-derefs on disconnect (bsc#1051510).\n\n - vfio_pci: Restore original state on release (bsc#1051510).\n\n - vhost_net: conditionally enable tx polling (bsc#1145099).\n\n - video: of: display_timing: Add of_node_put() in of_get_display_timing() (bsc#1051510).\n\n - watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout (bsc#1051510).\n\n - x86/asm: Fix MWAITX C-state hint value (bsc#1114279).\n\n - x86/mm: Use WRITE_ONCE() when setting PTEs (bsc#1114279).\n\n - xen/netback: fix error path of xenvif_connect_data() (bsc#1065600).\n\n - xen/pv: Fix Xen PV guest int3 handling (bsc#1153811).\n\n - xhci: Check all endpoints for LPM timeout (bsc#1051510).\n\n - xhci: Fix false warning message about wrong bounce buffer write length (bsc#1051510).\n\n - xhci: Increase STS_SAVE timeout in xhci_suspend() (bsc#1051510).\n\n - xhci: Prevent device initiated U1/U2 link pm if exit latency is too long (bsc#1051510).", "cvss3": {}, "published": "2019-10-28T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2019-2392)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16232", "CVE-2019-16234", "CVE-2019-17056", "CVE-2019-17133", "CVE-2019-17666"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-kvmsmall", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-base", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-2392.NASL", "href": "https://www.tenable.com/plugins/nessus/130338", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2392.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130338);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-16232\", \"CVE-2019-16234\", \"CVE-2019-17056\", \"CVE-2019-17133\", \"CVE-2019-17666\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2019-2392)\");\n script_summary(english:\"Check for the openSUSE-2019-2392 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE Leap 15.0 kernel was updated to receive various security\nand bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2019-17666: rtl_p2p_noa_ie in\n drivers/net/wireless/realtek/rtlwifi/ps.c lacked a\n certain upper-bound check, leading to a buffer overflow\n (bnc#1154372).\n\n - CVE-2019-16232:\n drivers/net/wireless/marvell/libertas/if_sdio.c did not\n check the alloc_workqueue return value, leading to a\n NULL pointer dereference (bnc#1150465).\n\n - CVE-2019-16234:\n drivers/net/wireless/intel/iwlwifi/pcie/trans.c did not\n check the alloc_workqueue return value, leading to a\n NULL pointer dereference (bnc#1150452).\n\n - CVE-2019-17133: cfg80211_mgd_wext_giwessid in\n net/wireless/wext-sme.c did not reject a long SSID IE,\n leading to a Buffer Overflow (bnc#1153158).\n\n - CVE-2019-17056: llcp_sock_create in net/nfc/llcp_sock.c\n in the AF_NFC network module did not enforce\n CAP_NET_RAW, which means that unprivileged users can\n create a raw socket, aka CID-3a359798b176 (bnc#1152788).\n\nThe following non-security bugs were fixed :\n\n - 9p: avoid attaching writeback_fid on mmap with type\n PRIVATE (bsc#1051510).\n\n - ACPI / CPPC: do not require the _PSD method\n (bsc#1051510).\n\n - ACPI: CPPC: Set pcc_data[pcc_ss_id] to NULL in\n acpi_cppc_processor_exit() (bsc#1051510).\n\n - ACPI / processor: do not print errors for processorIDs\n == 0xff (bsc#1051510).\n\n - act_mirred: Fix mirred_init_module error handling\n (bsc#1051510).\n\n - Add kernel module compression support (bsc#1135854) For\n enabling the kernel module compress, add the item\n COMPRESS_MODULES='xz' in config.sh, then mkspec will\n pass it to the spec file.\n\n - ALSA: hda - Add laptop imic fixup for ASUS M9V laptop\n (bsc#1051510).\n\n - ALSA: hda: Add support of Zhaoxin controller\n (bsc#1051510).\n\n - ALSA: hda - Apply AMD controller workaround for Raven\n platform (bsc#1051510).\n\n - ALSA: hda - Define a fallback_pin_fixup_tbl for alc269\n family (bsc#1051510).\n\n - ALSA: hda - Drop unsol event handler for Intel HDMI\n codecs (bsc#1051510).\n\n - ALSA: hda - Expand pin_match function to match upcoming\n new tbls (bsc#1051510).\n\n - ALSA: hda: Flush interrupts on disabling (bsc#1051510).\n\n - ALSA: hda/hdmi: remove redundant assignment to variable\n pcm_idx (bsc#1051510).\n\n - ALSA: hda - Inform too slow responses (bsc#1051510).\n\n - ALSA: hda/realtek - Blacklist PC beep for Lenovo\n ThinkCentre M73/93 (bsc#1051510).\n\n - ALSA: hda/realtek - Check beep whitelist before\n assigning in all codecs (bsc#1051510).\n\n - ALSA: hda/realtek - Fix alienware headset mic\n (bsc#1051510).\n\n - ALSA: hda/realtek: Reduce the Headphone static noise on\n XPS 9350/9360 (bsc#1051510).\n\n - ALSA: hda: Set fifo_size for both playback and capture\n streams (bsc#1051510).\n\n - ALSA: hda - Show the fatal CORB/RIRB error more clearly\n (bsc#1051510).\n\n - ALSA: hda/sigmatel - remove unused variable\n 'stac9200_core_init' (bsc#1051510).\n\n - ALSA: i2c: ak4xxx-adda: Fix a possible NULL pointer\n dereference in build_adc_controls() (bsc#1051510).\n\n - ALSA: line6: sizeof (byte) is always 1, use that fact\n (bsc#1051510).\n\n - ALSA: usb-audio: Add Pioneer DDJ-SX3 PCM quirck\n (bsc#1051510).\n\n - ALSA: usb-audio: Disable quirks for BOSS Katana\n amplifiers (bsc#1051510).\n\n - ALSA: usb-audio: Skip bSynchAddress endpoint check if it\n is invalid (bsc#1051510).\n\n - appletalk: enforce CAP_NET_RAW for raw sockets\n (bsc#1051510).\n\n - ASoC: Define a set of DAPM pre/post-up events\n (bsc#1051510).\n\n - ASoC: dmaengine: Make the pcm->name equal to pcm->id if\n the name is not set (bsc#1051510).\n\n - ASoC: Intel: Fix use of potentially uninitialized\n variable (bsc#1051510).\n\n - ASoC: Intel: NHLT: Fix debug print format (bsc#1051510).\n\n - ASoC: sgtl5000: Fix charge pump source assignment\n (bsc#1051510).\n\n - auxdisplay: panel: need to delete scan_timer when\n misc_register fails in panel_attach (bsc#1051510).\n\n - ax25: enforce CAP_NET_RAW for raw sockets (bsc#1051510).\n\n - blacklist 'signal: Correct namespace fixups of si_pid\n and si_uid' (bsc#1142667)\n\n - blk-wbt: abstract out end IO completion handler\n (bsc#1135873).\n\n - blk-wbt: fix has-sleeper queueing check (bsc#1135873).\n\n - blk-wbt: improve waking of tasks (bsc#1135873).\n\n - blk-wbt: move disable check into get_limit()\n (bsc#1135873).\n\n - blk-wbt: use wq_has_sleeper() for wq active check\n (bsc#1135873).\n\n - block: add io timeout to sysfs (bsc#1148410).\n\n - block: do not show io_timeout if driver has no timeout\n handler (bsc#1148410).\n\n - bluetooth: btrtl: Additional Realtek 8822CE Bluetooth\n devices (bsc#1051510).\n\n - bnx2x: Fix VF's VLAN reconfiguration in reload\n (bsc#1086323 ).\n\n - bridge/mdb: remove wrong use of NLM_F_MULTI\n (networking-stable-19_09_15).\n\n - btrfs: bail out gracefully rather than BUG_ON\n (bsc#1153646).\n\n - btrfs: check for the full sync flag while holding the\n inode lock during fsync (bsc#1153713).\n\n - btrfs: Ensure btrfs_init_dev_replace_tgtdev sees up to\n date values (bsc#1154651).\n\n - btrfs: Ensure replaced device does not have pending\n chunk allocation (bsc#1154607).\n\n - btrfs: remove wrong use of volume_mutex from\n btrfs_dev_replace_start (bsc#1154651).\n\n - can: mcp251x: mcp251x_hw_reset(): allow more time after\n a reset (bsc#1051510).\n\n - can: xilinx_can: xcan_probe(): skip error message on\n deferred probe (bsc#1051510).\n\n - cdc_ether: fix rndis support for Mediatek based\n smartphones (networking-stable-19_09_15).\n\n - cdc_ncm: fix divide-by-zero caused by invalid\n wMaxPacketSize (bsc#1051510).\n\n - ceph: fix directories inode i_blkbits initialization\n (bsc#1153717).\n\n - ceph: reconnect connection if session hang in opening\n state (bsc#1153718).\n\n - ceph: update the mtime when truncating up (bsc#1153719).\n\n - cfg80211: add and use strongly typed element iteration\n macros (bsc#1051510).\n\n - cfg80211: Purge frame registrations on iftype change\n (bsc#1051510).\n\n - clk: at91: select parent if main oscillator or bypass is\n enabled (bsc#1051510).\n\n - clk: qoriq: Fix -Wunused-const-variable (bsc#1051510).\n\n - clk: sirf: Do not reference clk_init_data after\n registration (bsc#1051510).\n\n - clk: zx296718: Do not reference clk_init_data after\n registration (bsc#1051510).\n\n - crypto: talitos - fix missing break in switch statement\n (bsc#1142635).\n\n - cxgb4: fix endianness for vlan value in cxgb4_tc_flower\n (bsc#1064802 bsc#1066129).\n\n - cxgb4: offload VLAN flows regardless of VLAN ethtype\n (bsc#1064802 bsc#1066129).\n\n - cxgb4: reduce kernel stack usage in\n cudbg_collect_mem_region() (bsc#1073513).\n\n - cxgb4: Signedness bug in init_one() (bsc#1097585\n bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583\n bsc#1097584).\n\n - cxgb4: smt: Add lock for atomic_dec_and_test\n (bsc#1064802 bsc#1066129).\n\n - dasd_fba: Display '00000000' for zero page when dumping\n sense\n\n - /dev/mem: Bail out upon SIGKILL (git-fixes).\n\n - drm/amdgpu: Check for valid number of registers to read\n (bsc#1051510).\n\n - drm/amdgpu/si: fix ASIC tests (git-fixes).\n\n - drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2)\n (bsc#1051510).\n\n - drm/ast: Fixed reboot test may cause system hanged\n (bsc#1051510).\n\n - drm/bridge: tc358767: Increase AUX transfer length limit\n (bsc#1051510).\n\n - drm: Flush output polling on shutdown (bsc#1051510).\n\n - drm/msm/dsi: Implement reset correctly (bsc#1051510).\n\n - drm/panel: simple: fix AUO g185han01 horizontal blanking\n (bsc#1051510).\n\n - drm/radeon: Fix EEH during kexec (bsc#1051510).\n\n - drm/tilcdc: Register cpufreq notifier after we have\n initialized crtc (bsc#1051510).\n\n - drm/vmwgfx: Fix double free in vmw_recv_msg()\n (bsc#1051510).\n\n - e1000e: add workaround for possible stalled packet\n (bsc#1051510).\n\n - firmware: dmi: Fix unlikely out-of-bounds read in\n save_mem_devices (git-fixes).\n\n - Fix AMD IOMMU kABI (bsc#1154610).\n\n - Fix KVM kABI after x86 mmu backports (bsc#1117665).\n\n - gpu: drm: radeon: Fix a possible NULL pointer\n dereference in radeon_connector_set_property()\n (bsc#1051510).\n\n - HID: apple: Fix stuck function keys when using FN\n (bsc#1051510).\n\n - HID: hidraw: Fix invalid read in hidraw_ioctl\n (bsc#1051510).\n\n - HID: logitech: Fix general protection fault caused by\n Logitech driver (bsc#1051510).\n\n - HID: prodikeys: Fix general protection fault during\n probe (bsc#1051510).\n\n - HID: sony: Fix memory corruption issue on cleanup\n (bsc#1051510).\n\n - hwmon: (acpi_power_meter) Change log level for 'unsafe\n software power cap' (bsc#1051510).\n\n - hwrng: core - do not wait on add_early_randomness()\n (git-fixes).\n\n - i2c: riic: Clear NACK in tend isr (bsc#1051510).\n\n - IB/core, ipoib: Do not overreact to SM LID change event\n (bsc#1154108)\n\n - IB/hfi1: Remove overly conservative VM_EXEC flag check\n (bsc#1144449).\n\n - IB/mlx5: Consolidate use_umr checks into single function\n (bsc#1093205).\n\n - IB/mlx5: Fix MR re-registration flow to use UMR properly\n (bsc#1093205).\n\n - IB/mlx5: Report correctly tag matching rendezvous\n capability (bsc#1046305).\n\n - ieee802154: atusb: fix use-after-free at disconnect\n (bsc#1051510).\n\n - ieee802154: enforce CAP_NET_RAW for raw sockets\n (bsc#1051510).\n\n - iio: adc: ad799x: fix probe error handling\n (bsc#1051510).\n\n - iio: light: opt3001: fix mutex unlock race\n (bsc#1051510).\n\n - ima: always return negative code for error\n (bsc#1051510).\n\n - Input: da9063 - fix capability and drop KEY_SLEEP\n (bsc#1051510).\n\n - iommu/amd: Apply the same IVRS IOAPIC workaround to Acer\n Aspire A315-41 (bsc#1137799).\n\n - iommu/amd: Check PM_LEVEL_SIZE() condition in locked\n section (bsc#1154608).\n\n - iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge\n systems (bsc#1137799).\n\n - iommu/amd: Remove domain->updated (bsc#1154610).\n\n - iommu/amd: Wait for completion of IOTLB flush in\n attach_device (bsc#1154611).\n\n - ipmi_si: Only schedule continuously in the thread in\n maintenance mode (bsc#1051510).\n\n - ipv6: Fix the link time qualifier of\n 'ping_v6_proc_exit_net()' (networking-stable-19_09_15).\n\n - ixgbe: Prevent u8 wrapping of ITR value to something\n less than 10us (bsc#1101674).\n\n - ixgbe: sync the first fragment unconditionally\n (bsc#1133140).\n\n - kabi: net: sched: act_sample: fix psample group handling\n on overwrite (networking-stable-19_09_05).\n\n - kabi/severities: Whitelist functions internal to radix\n mm. To call these functions you have to first detect if\n you are running in radix mm mode which can't be expected\n of OOT code.\n\n - kABI workaround for snd_hda_pick_pin_fixup() changes\n (bsc#1051510).\n\n - kernel-binary: Drop .kernel-binary.spec.buildenv\n (boo#1154578).\n\n - kernel-binary.spec.in: Fix build of non-modular kernels\n (boo#1154578).\n\n - kernel-subpackage-build: create zero size ghost for\n uncompressed vmlinux (bsc#1154354). It is not strictly\n necessary to uncompress it so maybe the ghost file can\n be 0 size in this case.\n\n - kernel/sysctl.c: do not override max_threads provided by\n userspace (bnc#1150875).\n\n - kvm: Convert kvm_lock to a mutex (bsc#1117665).\n\n - kvm: MMU: drop vcpu param in gpte_access (bsc#1117665).\n\n - kvm: PPC: Book3S HV: use smp_mb() when setting/clearing\n host_ipi flag (bsc#1061840).\n\n - kvm: x86: add tracepoints around __direct_map and\n FNAME(fetch) (bsc#1117665).\n\n - kvm: x86: adjust kvm_mmu_page member to save 8 bytes\n (bsc#1117665).\n\n - kvm: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON\n (bsc#1117665).\n\n - kvm: x86: Do not release the page inside mmu_set_spte()\n (bsc#1117665).\n\n - kvm: x86: make FNAME(fetch) and __direct_map more\n similar (bsc#1117665).\n\n - kvm: x86, powerpc: do not allow clearing largepages\n debugfs entry (bsc#1117665).\n\n - kvm: x86: remove now unneeded hugepage gfn adjustment\n (bsc#1117665).\n\n - libertas: Add missing sentinel at end of if_usb.c\n fw_table (bsc#1051510).\n\n - lib/mpi: Fix karactx leak in mpi_powm (bsc#1051510).\n\n - mac80211: accept deauth frames in IBSS mode\n (bsc#1051510).\n\n - macsec: drop skb sk before calling gro_cells_receive\n (bsc#1051510).\n\n - media: atmel: atmel-isc: fix asd memory allocation\n (bsc#1135642).\n\n - media: cpia2_usb: fix memory leaks (bsc#1051510).\n\n - media: dvb-core: fix a memory leak bug (bsc#1051510).\n\n - media: exynos4-is: fix leaked of_node references\n (bsc#1051510).\n\n - media: gspca: zero usb_buf on error (bsc#1051510).\n\n - media: hdpvr: Add device num check and handling\n (bsc#1051510).\n\n - media: hdpvr: add terminating 0 at end of string\n (bsc#1051510).\n\n - media: i2c: ov5645: Fix power sequence (bsc#1051510).\n\n - media: iguanair: add sanity checks (bsc#1051510).\n\n - media: omap3isp: Do not set streaming state on random\n subdevs (bsc#1051510).\n\n - media: omap3isp: Set device on omap3isp subdevs\n (bsc#1051510).\n\n - media: ov9650: add a sanity check (bsc#1051510).\n\n - media: radio/si470x: kill urb on error (bsc#1051510).\n\n - media: saa7134: fix terminology around\n saa7134_i2c_eeprom_md7134_gate() (bsc#1051510).\n\n - media: saa7146: add cleanup in hexium_attach()\n (bsc#1051510).\n\n - media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table\n (bsc#1051510).\n\n - media: stkwebcam: fix runtime PM after driver unbind\n (bsc#1051510).\n\n - media: ttusb-dec: Fix info-leak in\n ttusb_dec_send_command() (bsc#1051510).\n\n - memstick: jmb38x_ms: Fix an error handling path in\n 'jmb38x_ms_probe()' (bsc#1051510).\n\n - mfd: intel-lpss: Remove D3cold delay (bsc#1051510).\n\n - mISDN: enforce CAP_NET_RAW for raw sockets\n (bsc#1051510).\n\n - mld: fix memory leak in mld_del_delrec()\n (networking-stable-19_09_05).\n\n - mmc: sdhci: Fix incorrect switch to HS mode\n (bsc#1051510).\n\n - mmc: sdhci: improve ADMA error reporting (bsc#1051510).\n\n - mmc: sdhci-of-esdhc: set DMA snooping based on DMA\n coherence (bsc#1051510).\n\n - net: Fix null de-reference of device refcount\n (networking-stable-19_09_15).\n\n - net: fix skb use after free in netpoll\n (networking-stable-19_09_05).\n\n - net: gso: Fix skb_segment splat when splitting gso_size\n mangled skb having linear-headed frag_list\n (networking-stable-19_09_15).\n\n - net/ibmvnic: Fix EOI when running in XIVE mode\n (bsc#1089644, ltc#166495, ltc#165544, git-fixes).\n\n - net/mlx4_en: fix a memory leak bug (bsc#1046299).\n\n - net/mlx5: Add device ID of upcoming BlueField-2\n (bsc#1046303 ).\n\n - net/mlx5: Fix error handling in mlx5_load() (bsc#1046305\n ).\n\n - net: sched: act_sample: fix psample group handling on\n overwrite (networking-stable-19_09_05).\n\n - net: stmmac: dwmac-rk: Do not fail if phy regulator is\n absent (networking-stable-19_09_05).\n\n - nfc: fix attrs checks in netlink interface\n (bsc#1051510).\n\n - nfc: fix memory leak in llcp_sock_bind() (bsc#1051510).\n\n - nfc: pn533: fix use-after-free and memleaks\n (bsc#1051510).\n\n - objtool: Clobber user CFLAGS variable (bsc#1153236).\n\n - PCI: Correct pci=resource_alignment parameter example\n (bsc#1051510).\n\n - PCI: dra7xx: Fix legacy INTD IRQ handling (bsc#1087092).\n\n - PCI: hv: Use bytes 4 and 5 from instance ID as the PCI\n domain numbers (bsc#1153263).\n\n - PCI: PM: Fix pci_power_up() (bsc#1051510).\n\n - pinctrl: tegra: Fix write barrier placement in\n pmx_writel (bsc#1051510).\n\n - platform/x86: classmate-laptop: remove unused variable\n (bsc#1051510).\n\n - platform/x86: pmc_atom: Add Siemens SIMATIC IPC277E to\n critclk_systems DMI table (bsc#1051510).\n\n - powerpc/64s/pseries: radix flush translations before MMU\n is enabled at boot (bsc#1055186).\n\n - powerpc/64s/radix: keep kernel ERAT over local\n process/guest invalidates (bsc#1055186).\n\n - powerpc/64s/radix: tidy up TLB flushing code\n (bsc#1055186).\n\n - powerpc/64s: Rename PPC_INVALIDATE_ERAT to\n PPC_ISA_3_0_INVALIDATE_ERAT (bsc#1055186).\n\n - powerpc/mm/book3s64: Move book3s64 code to\n pgtable-book3s64 (bsc#1055186).\n\n - powerpc/mm: mark more tlb functions as __always_inline\n (bsc#1055186).\n\n - powerpc/mm: Properly invalidate when setting process\n table base (bsc#1055186).\n\n - powerpc/mm/radix: mark as __tlbie_pid() and friends\n as__always_inline (bsc#1055186).\n\n - powerpc/mm/radix: mark __radix__flush_tlb_range_psize()\n as __always_inline (bsc#1055186).\n\n - powerpc/pseries/mobility: use cond_resched when updating\n device tree (bsc#1153112 ltc#181778).\n\n - powerpc/pseries: Remove confusing warning message\n (bsc#1109158).\n\n - powerpc/rtas: allow rescheduling while changing cpu\n states (bsc#1153112 ltc#181778).\n\n - power: supply: sysfs: ratelimit property read error\n message (bsc#1051510).\n\n - Pull packaging cleanup from mkubecek.\n\n - qed: iWARP - Fix default window size to be based on chip\n (bsc#1050536 bsc#1050545).\n\n - qed: iWARP - Fix tc for MPA ll2 connection (bsc#1050536\n bsc#1050545).\n\n - qed: iWARP - fix uninitialized callback (bsc#1050536\n bsc#1050545).\n\n - qed: iWARP - Use READ_ONCE and smp_store_release to\n access ep->state (bsc#1050536 bsc#1050545).\n\n - RDMA/bnxt_re: Fix spelling mistake 'missin_resp' ->\n 'missing_resp' (bsc#1050244).\n\n - RDMA: Fix goto target to release the allocated memory\n (bsc#1050244).\n\n - rtlwifi: rtl8192cu: Fix value set in descriptor\n (bsc#1142635).\n\n - sch_hhf: ensure quantum and hhf_non_hh_weight are\n non-zero (networking-stable-19_09_15).\n\n - scripts/arch-symbols: add missing link.\n\n - scsi: lpfc: Fix null ptr oops updating lpfc_devloss_tmo\n via sysfs attribute (bsc#1140845).\n\n - scsi: lpfc: Fix propagation of devloss_tmo setting to\n nvme transport (bsc#1140883).\n\n - scsi: lpfc: Remove bg debugfs buffers (bsc#1144375).\n\n - scsi: qedf: fc_rport_priv reference counting fixes\n (bsc#1098291).\n\n - scsi: qedf: Modify abort and tmf handler to handle edge\n condition and flush (bsc#1098291).\n\n - scsi: storvsc: setup 1:1 mapping between hardware queue\n and CPU queue (bsc#1140729).\n\n - sctp: Fix the link time qualifier of\n 'sctp_ctrlsock_exit()' (networking-stable-19_09_15).\n\n - sctp: use transport pf_retrans in\n sctp_do_8_2_transport_strike\n (networking-stable-19_09_15).\n\n - Sign non-x86 kernels when possible (boo#1134303)\n\n - sock_diag: fix autoloading of the raw_diag module\n (bsc#1152791).\n\n - sock_diag: request _diag module only when the family or\n proto has been registered (bsc#1152791).\n\n - staging: vt6655: Fix memory leak in vt6655_probe\n (bsc#1051510).\n\n - tcp: Do not dequeue SYN/FIN-segments from write-queue\n (git-gixes).\n\n - tcp: fix tcp_ecn_withdraw_cwr() to clear\n TCP_ECN_QUEUE_CWR (networking-stable-19_09_15).\n\n - tcp: inherit timestamp on mtu probe\n (networking-stable-19_09_05).\n\n - tcp: remove empty skb from write queue in error cases\n (networking-stable-19_09_05).\n\n - thermal: Fix use-after-free when unregistering thermal\n zone device (bsc#1051510).\n\n - thermal_hwmon: Sanitize thermal_zone type (bsc#1051510).\n\n - tipc: add NULL pointer check before calling kfree_rcu\n (networking-stable-19_09_15).\n\n - tracing: Initialize iter->seq after zeroing in\n tracing_read_pipe() (bsc#1151508).\n\n - tun: fix use-after-free when register netdev failed\n (networking-stable-19_09_15).\n\n - tuntap: correctly set SOCKWQ_ASYNC_NOSPACE\n (bsc#1145099).\n\n - Update\n patches.suse/NFSv4-Check-the-return-value-of-update_open\n _stateid.patch (boo#1154189 bsc#1154747).\n\n - usb: adutux: fix NULL-derefs on disconnect\n (bsc#1142635).\n\n - usb: adutux: fix use-after-free on disconnect\n (bsc#1142635).\n\n - usb: adutux: fix use-after-free on release\n (bsc#1051510).\n\n - usb: chaoskey: fix use-after-free on release\n (bsc#1051510).\n\n - usb: dummy-hcd: fix power budget for SuperSpeed mode\n (bsc#1051510).\n\n - usb: iowarrior: fix use-after-free after driver unbind\n (bsc#1051510).\n\n - usb: iowarrior: fix use-after-free on disconnect\n (bsc#1051510).\n\n - usb: iowarrior: fix use-after-free on release\n (bsc#1051510).\n\n - usb: legousbtower: fix deadlock on disconnect\n (bsc#1142635).\n\n - usb: legousbtower: fix open after failed reset request\n (bsc#1142635).\n\n - usb: legousbtower: fix potential NULL-deref on\n disconnect (bsc#1142635).\n\n - usb: legousbtower: fix slab info leak at probe\n (bsc#1142635).\n\n - usb: legousbtower: fix use-after-free on release\n (bsc#1051510).\n\n - usb: microtek: fix info-leak at probe (bsc#1142635).\n\n - usbnet: ignore endpoints with invalid wMaxPacketSize\n (bsc#1051510).\n\n - usbnet: sanity checking of packet sizes and device mtu\n (bsc#1051510).\n\n - usb: serial: fix runtime PM after driver unbind\n (bsc#1051510).\n\n - usb: serial: ftdi_sio: add device IDs for Sienna and\n Echelon PL-20 (bsc#1051510).\n\n - usb: serial: keyspan: fix NULL-derefs on open() and\n write() (bsc#1051510).\n\n - usb: serial: option: add support for Cinterion CLS8\n devices (bsc#1051510).\n\n - usb: serial: option: add Telit FN980 compositions\n (bsc#1051510).\n\n - usb: usblcd: fix I/O after disconnect (bsc#1142635).\n\n - usb: usblp: fix runtime PM after driver unbind\n (bsc#1051510).\n\n - usb: usb-skeleton: fix NULL-deref on disconnect\n (bsc#1051510).\n\n - usb: usb-skeleton: fix runtime PM after driver unbind\n (bsc#1051510).\n\n - usb: usb-skeleton: fix use-after-free after driver\n unbind (bsc#1051510).\n\n - usb: xhci: wait for CNR controller not ready bit in xhci\n resume (bsc#1051510).\n\n - usb: yurex: Do not retry on unexpected errors\n (bsc#1051510).\n\n - usb: yurex: fix NULL-derefs on disconnect (bsc#1051510).\n\n - vfio_pci: Restore original state on release\n (bsc#1051510).\n\n - vhost_net: conditionally enable tx polling\n (bsc#1145099).\n\n - video: of: display_timing: Add of_node_put() in\n of_get_display_timing() (bsc#1051510).\n\n - watchdog: imx2_wdt: fix min() calculation in\n imx2_wdt_set_timeout (bsc#1051510).\n\n - x86/asm: Fix MWAITX C-state hint value (bsc#1114279).\n\n - x86/mm: Use WRITE_ONCE() when setting PTEs\n (bsc#1114279).\n\n - xen/netback: fix error path of xenvif_connect_data()\n (bsc#1065600).\n\n - xen/pv: Fix Xen PV guest int3 handling (bsc#1153811).\n\n - xhci: Check all endpoints for LPM timeout (bsc#1051510).\n\n - xhci: Fix false warning message about wrong bounce\n buffer write length (bsc#1051510).\n\n - xhci: Increase STS_SAVE timeout in xhci_suspend()\n (bsc#1051510).\n\n - xhci: Prevent device initiated U1/U2 link pm if exit\n latency is too long (bsc#1051510).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1046299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1046303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1046305\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1050244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1050536\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1050545\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1055186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1061840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1064802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1065600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1066129\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1073513\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1086323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1087092\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1089644\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1093205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097583\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097584\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097585\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097586\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097587\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097588\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1098291\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101674\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117665\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1123080\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1133140\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1134303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1135642\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1135854\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1135873\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1137799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140845\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140883\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1141600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1144375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1144449\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1145099\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1148410\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150452\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150465\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150875\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1151508\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152791\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153112\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153236\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153263\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153646\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153717\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153718\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153719\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153811\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154189\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154354\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154372\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154578\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154607\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154608\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154611\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154651\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154747\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=118461_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=133135_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=135757_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=147830_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=147831_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=158172_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=165544_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=166495_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=172859_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=172860_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=181778_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=229268_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=229269_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=229270_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=229274_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=229277_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=229279_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=229280_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=229281_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=229283_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=229285_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=229286_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=229297_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=296718_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=358767_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=359798_FIXME\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=802154\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=814594\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=919448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=987367\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=998153\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-17666\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-base-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-base-debuginfo-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-debuginfo-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-debugsource-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-devel-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-devel-debuginfo-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-base-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-base-debuginfo-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-debuginfo-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-debugsource-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-devel-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-devel-debuginfo-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-devel-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-docs-html-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-base-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-base-debuginfo-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-debuginfo-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-debugsource-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-devel-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-devel-debuginfo-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-macros-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-obs-build-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-obs-build-debugsource-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-obs-qa-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-source-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-source-vanilla-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-syms-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-base-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-debuginfo-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-debugsource-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-devel-4.12.14-lp150.12.79.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-devel-debuginfo-4.12.14-lp150.12.79.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-debug-base / kernel-debug-base-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:19", "description": "The 5.3.6 update contains a number of important fixes across the tree\n\nThis is a rebase to the 5.3 series\n\n----\n\nThe 5.2.20 stable kernel update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-28T00:00:00", "type": "nessus", "title": "Fedora 29 : kernel / kernel-headers / kernel-tools (2019-41e28660ae)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056"], "modified": "2019-12-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-41E28660AE.NASL", "href": "https://www.tenable.com/plugins/nessus/130297", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-41e28660ae.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130297);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/18\");\n\n script_cve_id(\"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\");\n script_xref(name:\"FEDORA\", value:\"2019-41e28660ae\");\n\n script_name(english:\"Fedora 29 : kernel / kernel-headers / kernel-tools (2019-41e28660ae)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 5.3.6 update contains a number of important fixes across the tree\n\nThis is a rebase to the 5.3 series\n\n----\n\nThe 5.2.20 stable kernel update contains a number of important fixes\nacross the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-41e28660ae\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-41e28660ae\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"kernel-5.3.6-100.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-headers-5.3.6-100.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-tools-5.3.6-100.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:30:10", "description": "Linux 5.3.4\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-08T00:00:00", "type": "nessus", "title": "Fedora 31 : kernel / kernel-headers / kernel-tools (2019-b1de72b00b)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056"], "modified": "2019-12-19T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2019-B1DE72B00B.NASL", "href": "https://www.tenable.com/plugins/nessus/129701", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-b1de72b00b.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129701);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/19\");\n\n script_cve_id(\"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\");\n script_xref(name:\"FEDORA\", value:\"2019-b1de72b00b\");\n\n script_name(english:\"Fedora 31 : kernel / kernel-headers / kernel-tools (2019-b1de72b00b)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Linux 5.3.4\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-b1de72b00b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-b1de72b00b\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"kernel-5.3.4-300.fc31\")) flag++;\nif (rpm_check(release:\"FC31\", reference:\"kernel-headers-5.3.4-300.fc31\")) flag++;\nif (rpm_check(release:\"FC31\", reference:\"kernel-tools-5.3.4-300.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:59", "description": "The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2019-16995: A memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c. if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d (bnc#1152685).\n\n - CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150457).\n\n - CVE-2019-17666: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c lacked a certain upper-bound check, leading to a buffer overflow (bnc#1154372).\n\n - CVE-2019-16232:\n drivers/net/wireless/marvell/libertas/if_sdio.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150465).\n\n - CVE-2019-16234:\n drivers/net/wireless/intel/iwlwifi/pcie/trans.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150452).\n\n - CVE-2019-17133: cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c did not reject a long SSID IE, leading to a Buffer Overflow (bnc#1153158).\n\n - CVE-2019-17056: llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module did not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176 (bnc#1152788).\n\nThe following non-security bugs were fixed :\n\n - 9p: avoid attaching writeback_fid on mmap with type PRIVATE (bsc#1051510).\n\n - ACPI / CPPC: do not require the _PSD method (bsc#1051510).\n\n - ACPI: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit() (bsc#1051510).\n\n - ACPI / processor: do not print errors for processorIDs == 0xff (bsc#1051510).\n\n - act_mirred: Fix mirred_init_module error handling (bsc#1051510).\n\n - Add Acer Aspire Ethos 8951G model quirk (bsc#1051510).\n\n - Add kernel module compression support (bsc#1135854)\n\n - ALSA: hda - Add a quirk model for fixing Huawei Matebook X right speaker (bsc#1051510).\n\n - ALSA: hda: Add Elkhart Lake PCI ID (bsc#1051510).\n\n - ALSA: hda - Add laptop imic fixup for ASUS M9V laptop (bsc#1051510).\n\n - ALSA: hda: Add support of Zhaoxin controller (bsc#1051510).\n\n - ALSA: hda: Add Tigerlake/Jasperlake PCI ID (bsc#1051510).\n\n - ALSA: hda - Apply AMD controller workaround for Raven platform (bsc#1051510).\n\n - ALSA: hda - Define a fallback_pin_fixup_tbl for alc269 family (bsc#1051510).\n\n - ALSA: hda - Drop unsol event handler for Intel HDMI codecs (bsc#1051510).\n\n - ALSA: hda - Expand pin_match function to match upcoming new tbls (bsc#1051510).\n\n - ALSA: hda: Flush interrupts on disabling (bsc#1051510).\n\n - ALSA: hda - Force runtime PM on Nvidia HDMI codecs (bsc#1051510).\n\n - ALSA: hda/hdmi - Do not report spurious jack state changes (bsc#1051510).\n\n - ALSA: hda/hdmi: remove redundant assignment to variable pcm_idx (bsc#1051510).\n\n - ALSA: hda - Inform too slow responses (bsc#1051510).\n\n - ALSA: hda/realtek - Add support for ALC711 (bsc#1051510).\n\n - ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93 (bsc#1051510).\n\n - ALSA: hda/realtek - Check beep whitelist before assigning in all codecs (bsc#1051510).\n\n - ALSA: hda/realtek - Enable headset mic on Asus MJ401TA (bsc#1051510).\n\n - ALSA: hda/realtek - Fix alienware headset mic (bsc#1051510).\n\n - ALSA: hda/realtek - PCI quirk for Medion E4254 (bsc#1051510).\n\n - ALSA: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 (bsc#1051510).\n\n - ALSA: hda: Set fifo_size for both playback and capture streams (bsc#1051510).\n\n - ALSA: hda - Show the fatal CORB/RIRB error more clearly (bsc#1051510).\n\n - ALSA: hda/sigmatel - remove unused variable 'stac9200_core_init' (bsc#1051510).\n\n - ALSA: i2c: ak4xxx-adda: Fix a possible NULL pointer dereference in build_adc_controls() (bsc#1051510).\n\n - ALSA: line6: sizeof (byte) is always 1, use that fact (bsc#1051510).\n\n - ALSA: usb-audio: Add DSD support for EVGA NU Audio (bsc#1051510).\n\n - ALSA: usb-audio: Add Hiby device family to quirks for native DSD support (bsc#1051510).\n\n - ALSA: usb-audio: Add Pioneer DDJ-SX3 PCM quirck (bsc#1051510).\n\n - ALSA: usb-audio: Clean up check_input_term() (bsc#1051510).\n\n - ALSA: usb-audio: Disable quirks for BOSS Katana amplifiers (bsc#1051510).\n\n - ALSA: usb-audio: DSD auto-detection for Playback Designs (bsc#1051510).\n\n - ALSA: usb-audio: fix PCM device order (bsc#1051510).\n\n - ALSA: usb-audio: Fix possible NULL dereference at create_yamaha_midi_quirk() (bsc#1051510).\n\n - ALSA: usb-audio: More validations of descriptor units (bsc#1051510).\n\n - ALSA: usb-audio: remove some dead code (bsc#1051510).\n\n - ALSA: usb-audio: Remove superfluous bLength checks (bsc#1051510).\n\n - ALSA: usb-audio: Simplify parse_audio_unit() (bsc#1051510).\n\n - ALSA: usb-audio: Skip bSynchAddress endpoint check if it is invalid (bsc#1051510).\n\n - ALSA: usb-audio: Unify audioformat release code (bsc#1051510).\n\n - ALSA: usb-audio: Unify the release of usb_mixer_elem_info objects (bsc#1051510).\n\n - ALSA: usb-audio: Update DSD support quirks for Oppo and Rotel (bsc#1051510).\n\n - appletalk: enforce CAP_NET_RAW for raw sockets (bsc#1051510).\n\n - arcnet: provide a buffer big enough to actually receive packets (networking-stable-19_09_30).\n\n - ASoC: Define a set of DAPM pre/post-up events (bsc#1051510).\n\n - ASoC: dmaengine: Make the pcm->name equal to pcm->id if the name is not set (bsc#1051510).\n\n - ASoC: Intel: Fix use of potentially uninitialized variable (bsc#1051510).\n\n - ASoC: Intel: NHLT: Fix debug print format (bsc#1051510).\n\n - ASoc: rockchip: i2s: Fix RPM imbalance (bsc#1051510).\n\n - ASoC: rsnd: Reinitialize bit clock inversion flag for every format setting (bsc#1051510).\n\n - ASoC: sgtl5000: Fix charge pump source assignment (bsc#1051510).\n\n - auxdisplay: panel: need to delete scan_timer when misc_register fails in panel_attach (bsc#1051510).\n\n - ax25: enforce CAP_NET_RAW for raw sockets (bsc#1051510).\n\n - Blacklist 'signal: Correct namespace fixups of si_pid and si_uid' (bsc#1142667)\n\n - blk-wbt: abstract out end IO completion handler (bsc#1135873).\n\n - blk-wbt: fix has-sleeper queueing check (bsc#1135873).\n\n - blk-wbt: improve waking of tasks (bsc#1135873).\n\n - blk-wbt: move disable check into get_limit() (bsc#1135873).\n\n - blk-wbt: use wq_has_sleeper() for wq active check (bsc#1135873).\n\n - block: add io timeout to sysfs (bsc#1148410).\n\n - block: add io timeout to sysfs (bsc#1148410).\n\n - block: do not show io_timeout if driver has no timeout handler (bsc#1148410).\n\n - block: do not show io_timeout if driver has no timeout handler (bsc#1148410).\n\n - bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices (bsc#1051510).\n\n - bnx2x: Fix VF's VLAN reconfiguration in reload (bsc#1086323 ).\n\n - bnxt_en: Add PCI IDs for 57500 series NPAR devices (bsc#1153607).\n\n - bpf: fix use after free in prog symbol exposure (bsc#1083647).\n\n - bridge/mdb: remove wrong use of NLM_F_MULTI (networking-stable-19_09_15).\n\n - btrfs: bail out gracefully rather than BUG_ON (bsc#1153646).\n\n - btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group() (bsc#1155178).\n\n - btrfs: check for the full sync flag while holding the inode lock during fsync (bsc#1153713).\n\n - btrfs: Ensure btrfs_init_dev_replace_tgtdev sees up to date values (bsc#1154651).\n\n - btrfs: Ensure replaced device does not have pending chunk allocation (bsc#1154607).\n\n - btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents() (bsc#1155179).\n\n - btrfs: remove wrong use of volume_mutex from btrfs_dev_replace_start (bsc#1154651).\n\n - btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186).\n\n - btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#1155184).\n\n - can: mcp251x: mcp251x_hw_reset(): allow more time after a reset (bsc#1051510).\n\n - can: xilinx_can: xcan_probe(): skip error message on deferred probe (bsc#1051510).\n\n - cdc_ether: fix rndis support for Mediatek based smartphones (networking-stable-19_09_15).\n\n - cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize (bsc#1051510).\n\n - ceph: fix directories inode i_blkbits initialization (bsc#1153717).\n\n - ceph: reconnect connection if session hang in opening state (bsc#1153718).\n\n - ceph: update the mtime when truncating up (bsc#1153719).\n\n - cfg80211: add and use strongly typed element iteration macros (bsc#1051510).\n\n - cfg80211: Purge frame registrations on iftype change (bsc#1051510).\n\n - clk: at91: select parent if main oscillator or bypass is enabled (bsc#1051510).\n\n - clk: qoriq: Fix -Wunused-const-variable (bsc#1051510).\n\n - clk: sirf: Do not reference clk_init_data after registration (bsc#1051510).\n\n - clk: zx296718: Do not reference clk_init_data after registration (bsc#1051510).\n\n - crypto: af_alg - consolidation of duplicate code (bsc#1154737).\n\n - crypto: af_alg - fix race accessing cipher request (bsc#1154737).\n\n - crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t (bsc#1154737).\n\n - crypto: af_alg - Initialize sg_num_bytes in error code path (bsc#1051510).\n\n - crypto: af_alg - remove locking in async callback (bsc#1154737).\n\n - crypto: af_alg - update correct dst SGL entry (bsc#1051510).\n\n - crypto: af_alg - wait for data at beginning of recvmsg (bsc#1154737).\n\n - crypto: algif_aead - copy AAD from src to dst (bsc#1154737).\n\n - crypto: algif_aead - fix reference counting of null skcipher (bsc#1154737).\n\n - crypto: algif_aead - overhaul memory management (bsc#1154737).\n\n - crypto: algif_aead - skip SGL entries with NULL page (bsc#1154737).\n\n - crypto: algif - return error code when no data was processed (bsc#1154737).\n\n - crypto: algif_skcipher - overhaul memory management (bsc#1154737).\n\n - crypto: talitos - fix missing break in switch statement (bsc#1142635).\n\n - cxgb4: do not dma memory off of the stack (bsc#1152790).\n\n - cxgb4: fix endianness for vlan value in cxgb4_tc_flower (bsc#1064802 bsc#1066129).\n\n - cxgb4:Fix out-of-bounds MSI-X info array access (networking-stable-19_10_05).\n\n - cxgb4: offload VLAN flows regardless of VLAN ethtype (bsc#1064802 bsc#1066129).\n\n - cxgb4: reduce kernel stack usage in cudbg_collect_mem_region() (bsc#1073513).\n\n - cxgb4: Signedness bug in init_one() (bsc#1097585 bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584).\n\n - cxgb4: smt: Add lock for atomic_dec_and_test (bsc#1064802 bsc#1066129).\n\n - dasd_fba: Display '00000000' for zero page when dumping sense\n\n - /dev/mem: Bail out upon SIGKILL (git-fixes).\n\n - drm: add __user attribute to ptr_to_compat() (bsc#1111666).\n\n - drm/amd/display: fix issue where 252-255 values are clipped (bsc#1111666).\n\n - drm/amd/display: reprogram VM config when system resume (bsc#1111666).\n\n - drm/amd/display: Restore backlight brightness after system resume (bsc#1112178)\n\n - drm/amd/display: support spdif (bsc#1111666).\n\n - drm/amd/dm: Understand why attaching path/tile properties are needed (bsc#1111666).\n\n - drm/amdgpu: Check for valid number of registers to read (bsc#1051510).\n\n - drm/amdgpu: Fix KFD-related kernel oops on Hawaii (bsc#1111666).\n\n - drm/amdgpu/gfx9: Update gfx9 golden settings (bsc#1111666).\n\n - drm/amdgpu/si: fix ASIC tests (git-fixes).\n\n - drm/amdgpu: Update gc_9_0 golden settings (bsc#1111666).\n\n - drm/amdkfd: Add missing Polaris10 ID (bsc#1111666).\n\n - drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2) (bsc#1051510).\n\n - drm/amd/pp: Fix truncated clock value when set watermark (bsc#1111666).\n\n - drm/ast: Fixed reboot test may cause system hanged (bsc#1051510).\n\n - drm/atomic_helper: Allow DPMS On<->Off changes for unregistered connectors (bsc#1111666).\n\n - drm/atomic_helper: Disallow new modesets on unregistered connectors (bsc#1111666).\n\n - drm/atomic_helper: Stop modesets on unregistered connectors harder (bsc#1111666).\n\n - drm/bridge: tc358767: Increase AUX transfer length limit (bsc#1051510).\n\n - drm/bridge: tfp410: fix memleak in get_modes() (bsc#1111666).\n\n - drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 (bsc#1051510).\n\n - drm: Flush output polling on shutdown (bsc#1051510).\n\n - drm/i915: Cleanup gt powerstate from gem (bsc#1111666).\n\n - drm/i915: Fix intel_dp_mst_best_encoder() (bsc#1111666).\n\n - drm/i915/gvt: update vgpu workload head pointer correctly (bsc#1112178)\n\n - drm/i915: Restore sane defaults for KMS on GEM error load (bsc#1111666).\n\n - drm/mediatek: set DMA max segment size (bsc#1111666).\n\n - drm/msm/dsi: Fix return value check for clk_get_parent (bsc#1111666).\n\n - drm/msm/dsi: Implement reset correctly (bsc#1051510).\n\n - drm/nouveau/disp/nv50-: fix center/aspect-corrected scaling (bsc#1111666).\n\n - drm/nouveau/kms/nv50-: Do not create MSTMs for eDP connectors (bsc#1112178)\n\n - drm/nouveau/volt: Fix for some cards having 0 maximum voltage (bsc#1111666).\n\n - drm/omap: fix max fclk divider for omap36xx (bsc#1111666).\n\n - drm/panel: check failure cases in the probe func (bsc#1111666).\n\n - drm/panel: make drm_panel.h self-contained (bsc#1111666).\n\n - drm: panel-orientation-quirks: Add extra quirk table entry for GPD MicroPC (bsc#1111666).\n\n - drm/panel: simple: fix AUO g185han01 horizontal blanking (bsc#1051510).\n\n - drm/radeon: Bail earlier when radeon.cik_/si_support=0 is passed (bsc#1111666).\n\n - drm/radeon: Fix EEH during kexec (bsc#1051510).\n\n - drm: rcar-du: lvds: Fix bridge_to_rcar_lvds (bsc#1111666).\n\n - drm/rockchip: Check for fast link training before enabling psr (bsc#1111666).\n\n - drm/stm: attach gem fence to atomic state (bsc#1111666).\n\n - drm/tilcdc: Register cpufreq notifier after we have initialized crtc (bsc#1051510).\n\n - drm/vmwgfx: Fix double free in vmw_recv_msg() (bsc#1051510).\n\n - e1000e: add workaround for possible stalled packet (bsc#1051510).\n\n - efi/arm: Show SMBIOS bank/device location in CPER and GHES error logs (bsc#1152033).\n\n - efi: cper: print AER info of PCIe fatal error (bsc#1051510).\n\n - efi/memattr: Do not bail on zero VA if it equals the region's PA (bsc#1051510).\n\n - efivar/ssdt: Do not iterate over EFI vars if no SSDT override was specified (bsc#1051510).\n\n - firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices (git-fixes).\n\n - Fix AMD IOMMU kABI (bsc#1154610).\n\n - Fix KVM kABI after x86 mmu backports (bsc#1117665).\n\n - gpu: drm: radeon: Fix a possible NULL pointer dereference in radeon_connector_set_property() (bsc#1051510).\n\n - HID: apple: Fix stuck function keys when using FN (bsc#1051510).\n\n - HID: fix error message in hid_open_report() (bsc#1051510).\n\n - HID: hidraw: Fix invalid read in hidraw_ioctl (bsc#1051510).\n\n - HID: logitech: Fix general protection fault caused by Logitech driver (bsc#1051510).\n\n - HID: logitech-hidpp: do all FF cleanup in hidpp_ff_destroy() (bsc#1051510).\n\n - HID: prodikeys: Fix general protection fault during probe (bsc#1051510).\n\n - HID: sony: Fix memory corruption issue on cleanup (bsc#1051510).\n\n - hso: fix NULL-deref on tty open (bsc#1051510).\n\n - hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap' (bsc#1051510).\n\n - hwrng: core - do not wait on add_early_randomness() (git-fixes).\n\n - i2c: riic: Clear NACK in tend isr (bsc#1051510).\n\n - IB/core, ipoib: Do not overreact to SM LID change event (bsc#1154108)\n\n - IB/hfi1: Remove overly conservative VM_EXEC flag check (bsc#1144449).\n\n - IB/mlx5: Consolidate use_umr checks into single function (bsc#1093205).\n\n - IB/mlx5: Fix MR re-registration flow to use UMR properly (bsc#1093205).\n\n - IB/mlx5: Report correctly tag matching rendezvous capability (bsc#1046305).\n\n - ieee802154: atusb: fix use-after-free at disconnect (bsc#1051510).\n\n - ieee802154: ca8210: prevent memory leak (bsc#1051510).\n\n - ieee802154: enforce CAP_NET_RAW for raw sockets (bsc#1051510).\n\n - iio: adc: ad799x: fix probe error handling (bsc#1051510).\n\n - iio: light: opt3001: fix mutex unlock race (bsc#1051510).\n\n - ima: always return negative code for error (bsc#1051510).\n\n - Input: da9063 - fix capability and drop KEY_SLEEP (bsc#1051510).\n\n - Input: synaptics-rmi4 - avoid processing unknown IRQs (bsc#1051510).\n\n - iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41 (bsc#1137799).\n\n - iommu/amd: Check PM_LEVEL_SIZE() condition in locked section (bsc#1154608).\n\n - iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems (bsc#1137799).\n\n - iommu/amd: Remove domain->updated (bsc#1154610).\n\n - iommu/amd: Wait for completion of IOTLB flush in attach_device (bsc#1154611).\n\n - ipmi_si: Only schedule continuously in the thread in maintenance mode (bsc#1051510).\n\n - ipv6: drop incoming packets having a v4mapped source address (networking-stable-19_10_05).\n\n - ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()' (networking-stable-19_09_15).\n\n - ipv6: Handle missing host route in __ipv6_ifa_notify (networking-stable-19_10_05).\n\n - iwlwifi: pcie: fix memory leaks in iwl_pcie_ctxt_info_gen3_init (bsc#1111666).\n\n - ixgbe: Fix secpath usage for IPsec TX offload (bsc#1113994 bsc#1151807).\n\n - ixgbe: Prevent u8 wrapping of ITR value to something less than 10us (bsc#1101674).\n\n - ixgbe: sync the first fragment unconditionally (bsc#1133140).\n\n - kabi: net: sched: act_sample: fix psample group handling on overwrite (networking-stable-19_09_05).\n\n - kABI workaround for crypto/af_alg changes (bsc#1154737).\n\n - kABI workaround for drm_connector.registered type changes (bsc#1111666).\n\n - kABI workaround for snd_hda_pick_pin_fixup() changes (bsc#1051510).\n\n - kernel-binary.spec.in: Fix build of non-modular kernels (boo#1154578).\n\n - kernel-subpackage-build: create zero size ghost for uncompressed vmlinux (bsc#1154354).\n\n - kernel/sysctl.c: do not override max_threads provided by userspace (bnc#1150875).\n\n - ksm: cleanup stable_node chain collapse case (bnc#1144338).\n\n - ksm: fix use after free with merge_across_nodes = 0 (bnc#1144338).\n\n - ksm: introduce ksm_max_page_sharing per page deduplication limit (bnc#1144338).\n\n - ksm: optimize refile of stable_node_dup at the head of the chain (bnc#1144338).\n\n - ksm: swap the two output parameters of chain/chain_prune (bnc#1144338).\n\n - kvm: Convert kvm_lock to a mutex (bsc#1117665).\n\n - kvm: MMU: drop vcpu param in gpte_access (bsc#1117665).\n\n - kvm: PPC: Book3S HV: use smp_mb() when setting/clearing host_ipi flag (bsc#1061840).\n\n - kvm: x86: add tracepoints around __direct_map and FNAME(fetch) (bsc#1117665).\n\n - kvm: x86: adjust kvm_mmu_page member to save 8 bytes (bsc#1117665).\n\n - kvm: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (bsc#1117665).\n\n - kvm: x86: Do not release the page inside mmu_set_spte() (bsc#1117665).\n\n - kvm: x86: make FNAME(fetch) and __direct_map more similar (bsc#1117665).\n\n - kvm: x86, powerpc: do not allow clearing largepages debugfs entry (bsc#1117665).\n\n - kvm: x86: remove now unneeded hugepage gfn adjustment (bsc#1117665).\n\n - libertas: Add missing sentinel at end of if_usb.c fw_table (bsc#1051510).\n\n - lib/mpi: Fix karactx leak in mpi_powm (bsc#1051510).\n\n - libnvdimm/security: provide fix for secure-erase to use zero-key (bsc#1149853).\n\n - lpfc: Add additional discovery log messages (bsc#1154521).\n\n - lpfc: Add FA-WWN Async Event reporting (bsc#1154521).\n\n - lpfc: Add FC-AL support to lpe32000 models (bsc#1154521).\n\n - lpfc: Add log macros to allow print by serverity or verbocity setting (bsc#1154521).\n\n - lpfc: Fix bad ndlp ptr in xri aborted handling (bsc#1154521).\n\n - lpfc: fix coverity error of dereference after null check (bsc#1154521).\n\n - lpfc: Fix hardlockup in lpfc_abort_handler (bsc#1154521).\n\n - lpfc: Fix lockdep errors in sli_ringtx_put (bsc#1154521).\n\n - lpfc: fix lpfc_nvmet_mrq to be bound by hdw queue count (bsc#1154521).\n\n - lpfc: Fix reporting of read-only fw error errors (bsc#1154521).\n\n - lpfc: Fix SLI3 hba in loop mode not discovering devices (bsc#1154521).\n\n - lpfc: Make FW logging dynamically configurable (bsc#1154521).\n\n - lpfc: Remove lock contention target write path (bsc#1154521).\n\n - lpfc: Revise interrupt coalescing for missing scenarios (bsc#1154521).\n\n - lpfc: Slight fast-path Performance optimizations (bsc#1154521).\n\n - lpfc: Update lpfc version to 12.6.0.0 (bsc#1154521).\n\n - mac80211: accept deauth frames in IBSS mode (bsc#1051510).\n\n - mac80211: fix txq NULL pointer dereference (bsc#1051510).\n\n - mac80211: Reject malformed SSID elements (bsc#1051510).\n\n - macsec: drop skb sk before calling gro_cells_receive (bsc#1051510).\n\n - media: atmel: atmel-isc: fix asd memory allocation (bsc#1135642).\n\n - media: cpia2_usb: fix memory leaks (bsc#1051510).\n\n - media: dvb-core: fix a memory leak bug (bsc#1051510).\n\n - media: exynos4-is: fix leaked of_node references (bsc#1051510).\n\n - media: gspca: zero usb_buf on error (bsc#1051510).\n\n - media: hdpvr: Add device num check and handling (bsc#1051510).\n\n - media: hdpvr: add terminating 0 at end of string (bsc#1051510).\n\n - media: i2c: ov5645: Fix power sequence (bsc#1051510).\n\n - media: iguanair: add sanity checks (bsc#1051510).\n\n - media: omap3isp: Do not set streaming state on random subdevs (bsc#1051510).\n\n - media: omap3isp: Set device on omap3isp subdevs (bsc#1051510).\n\n - media: ov9650: add a sanity check (bsc#1051510).\n\n - media: radio/si470x: kill urb on error (bsc#1051510).\n\n - media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate() (bsc#1051510).\n\n - media: saa7146: add cleanup in hexium_attach() (bsc#1051510).\n\n - media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table (bsc#1051510).\n\n - media: stkwebcam: fix runtime PM after driver unbind (bsc#1051510).\n\n - media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() (bsc#1051510).\n\n - memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' (bsc#1051510).\n\n - mfd: intel-lpss: Remove D3cold delay (bsc#1051510).\n\n - mISDN: enforce CAP_NET_RAW for raw sockets (bsc#1051510).\n\n - mld: fix memory leak in mld_del_delrec() (networking-stable-19_09_05).\n\n - mmc: sdhci: Fix incorrect switch to HS mode (bsc#1051510).\n\n - mmc: sdhci: improve ADMA error reporting (bsc#1051510).\n\n - mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence (bsc#1051510).\n\n - netfilter: nf_nat: do not bug when mapping already exists (bsc#1146612).\n\n - net: Fix null de-reference of device refcount (networking-stable-19_09_15).\n\n - net: fix skb use after free in netpoll (networking-stable-19_09_05).\n\n - net: gso: Fix skb_segment splat when splitting gso_size mangled skb having linear-headed frag_list (networking-stable-19_09_15).\n\n - net/ibmvnic: Fix EOI when running in XIVE mode (bsc#1089644, ltc#166495, ltc#165544, git-fixes).\n\n - net/mlx4_en: fix a memory leak bug (bsc#1046299).\n\n - net/mlx5: Add device ID of upcoming BlueField-2 (bsc#1046303 ).\n\n - net/mlx5: Fix error handling in mlx5_load() (bsc#1046305 ).\n\n - net/phy: fix DP83865 10 Mbps HDX loopback disable function (networking-stable-19_09_30).\n\n - net: qlogic: Fix memory leak in ql_alloc_large_buffers (networking-stable-19_10_05).\n\n - net: qrtr: Stop rx_worker before freeing node (networking-stable-19_09_30).\n\n - net/rds: Fix error handling in rds_ib_add_one() (networking-stable-19_10_05).\n\n - net/rds: fix warn in rds_message_alloc_sgs (bsc#1154848).\n\n - net/rds: remove user triggered WARN_ON in rds_sendmsg (bsc#1154848).\n\n - net: Replace NF_CT_ASSERT() with WARN_ON() (bsc#1146612).\n\n - net/sched: act_sample: do not push mac header on ip6gre ingress (networking-stable-19_09_30).\n\n - net: sched: act_sample: fix psample group handling on overwrite (networking-stable-19_09_05).\n\n - net_sched: add policy validation for action attributes (networking-stable-19_09_30).\n\n - net_sched: fix backward compatibility for TCA_ACT_KIND (git-fixes).\n\n - net: stmmac: dwmac-rk: Do not fail if phy regulator is absent (networking-stable-19_09_05).\n\n - net: Unpublish sk from sk_reuseport_cb before call_rcu (networking-stable-19_10_05).\n\n - nfc: fix attrs checks in netlink interface (bsc#1051510).\n\n - nfc: fix memory leak in llcp_sock_bind() (bsc#1051510).\n\n - nfc: pn533: fix use-after-free and memleaks (bsc#1051510).\n\n - NFSv4.1 - backchannel request should hold ref on xprt (bsc#1152624).\n\n - nl80211: fix NULL pointer dereference (bsc#1051510).\n\n - objtool: Clobber user CFLAGS variable (bsc#1153236).\n\n - openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC (networking-stable-19_09_30).\n\n - packaging: add support for riscv64\n\n - PCI: Correct pci=resource_alignment parameter example (bsc#1051510).\n\n - PCI: dra7xx: Fix legacy INTD IRQ handling (bsc#1087092).\n\n - PCI: hv: Use bytes 4 and 5 from instance ID as the PCI domain numbers (bsc#1153263).\n\n - PCI: PM: Fix pci_power_up() (bsc#1051510).\n\n - pinctrl: cherryview: restore Strago DMI workaround for all versions (bsc#1111666).\n\n - pinctrl: tegra: Fix write barrier placement in pmx_writel (bsc#1051510).\n\n - platform/x86: classmate-laptop: remove unused variable (bsc#1051510).\n\n - platform/x86: i2c-multi-instantiate: Derive the device name from parent (bsc#1111666).\n\n - platform/x86: i2c-multi-instantiate: Fail the probe if no IRQ provided (bsc#1111666).\n\n - platform/x86: pmc_atom: Add Siemens SIMATIC IPC277E to critclk_systems DMI table (bsc#1051510).\n\n - powerpc/64s/pseries: radix flush translations before MMU is enabled at boot (bsc#1055186).\n\n - powerpc/64s/radix: keep kernel ERAT over local process/guest invalidates (bsc#1055186).\n\n - powerpc/64s/radix: tidy up TLB flushing code (bsc#1055186).\n\n - powerpc/64s: Rename PPC_INVALIDATE_ERAT to PPC_ISA_3_0_INVALIDATE_ERAT (bsc#1055186).\n\n - powerpc/mm/book3s64: Move book3s64 code to pgtable-book3s64 (bsc#1055186).\n\n - powerpc/mm: mark more tlb functions as __always_inline (bsc#1055186).\n\n - powerpc/mm: Properly invalidate when setting process table base (bsc#1055186).\n\n - powerpc/mm/radix: mark as __tlbie_pid() and friends as__always_inline (bsc#1055186).\n\n - powerpc/mm/radix: mark __radix__flush_tlb_range_psize() as __always_inline (bsc#1055186).\n\n - powerpc/pseries/mobility: use cond_resched when updating device tree (bsc#1153112 ltc#181778).\n\n - powerpc/pseries: Remove confusing warning message (bsc#1109158).\n\n - powerpc/rtas: allow rescheduling while changing cpu states (bsc#1153112 ltc#181778).\n\n - powerplay: Respect units on max dcfclk watermark (bsc#1111666).\n\n - power: supply: sysfs: ratelimit property read error message (bsc#1051510).\n\n - qed: iWARP - Fix default window size to be based on chip (bsc#1050536 bsc#1050545).\n\n - qed: iWARP - Fix tc for MPA ll2 connection (bsc#1050536 bsc#1050545).\n\n - qed: iWARP - fix uninitialized callback (bsc#1050536 bsc#1050545).\n\n - qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state (bsc#1050536 bsc#1050545).\n\n - qmi_wwan: add support for Cinterion CLS8 devices (networking-stable-19_10_05).\n\n - r8152: Set macpassthru in reset_resume callback (bsc#1051510).\n\n - RDMA/bnxt_re: Fix spelling mistake 'missin_resp' -> 'missing_resp' (bsc#1050244).\n\n - RDMA: Fix goto target to release the allocated memory (bsc#1050244).\n\n - rds: Fix warning (bsc#1154848).\n\n - Revert 'drm/amd/display: Fix underscan not using proper scaling' (bsc#1111666).\n\n - Revert 'drm/amd/powerplay: Enable/Disable NBPSTATE on On/OFF of UVD' (bsc#1111666).\n\n - Revert 'drm/radeon: Fix EEH during kexec' (bsc#1051510).\n\n - rtlwifi: rtl8192cu: Fix value set in descriptor (bsc#1142635).\n\n - s390/cmf: set_schib_wait add timeout (bsc#1153509, bsc#1153476).\n\n - s390/crypto: fix gcm-aes-s390 selftest failures (bsc#1137861 LTC#178091).\n\n - sch_cbq: validate TCA_CBQ_WRROPT to avoid crash (networking-stable-19_10_05).\n\n - sch_dsmark: fix potential NULL deref in dsmark_init() (networking-stable-19_10_05).\n\n - sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero (networking-stable-19_09_15).\n\n - sch_netem: fix a divide by zero in tabledist() (networking-stable-19_09_30).\n\n - scsi: lpfc: Check queue pointer before use (bsc#1154242).\n\n - scsi: lpfc: cleanup: remove unused fcp_txcmlpq_cnt (bsc#1154521).\n\n - scsi: lpfc: Complete removal of FCoE T10 PI support on SLI-4 adapters (bsc#1154521).\n\n - scsi: lpfc: Convert existing %pf users to %ps (bsc#1154521).\n\n - scsi: lpfc: Fix coverity errors on NULL pointer checks (bsc#1154521).\n\n - scsi: lpfc: Fix device recovery errors after PLOGI failures (bsc#1154521).\n\n - scsi: lpfc: Fix devices that do not return after devloss followed by rediscovery (bsc#1137040).\n\n - scsi: lpfc: Fix discovery failures when target device connectivity bounces (bsc#1154521).\n\n - scsi: lpfc: Fix GPF on scsi command completion (bsc#1154521).\n\n - scsi: lpfc: Fix hdwq sgl locks and irq handling (bsc#1154521).\n\n - scsi: lpfc: Fix host hang at boot or slow boot (bsc#1154521).\n\n - scsi: lpfc: Fix list corruption detected in lpfc_put_sgl_per_hdwq (bsc#1154521).\n\n - scsi: lpfc: Fix list corruption in lpfc_sli_get_iocbq (bsc#1154521).\n\n - scsi: lpfc: Fix locking on mailbox command completion (bsc#1154521).\n\n - scsi: lpfc: Fix miss of register read failure check (bsc#1154521).\n\n - scsi: lpfc: Fix null ptr oops updating lpfc_devloss_tmo via sysfs attribute (bsc#1140845).\n\n - scsi: lpfc: Fix NVMe ABTS in response to receiving an ABTS (bsc#1154521).\n\n - scsi: lpfc: Fix NVME io abort failures causing hangs (bsc#1154521).\n\n - scsi: lpfc: Fix premature re-enabling of interrupts in lpfc_sli_host_down (bsc#1154521).\n\n - scsi: lpfc: Fix propagation of devloss_tmo setting to nvme transport (bsc#1140883).\n\n - scsi: lpfc: Fix pt2pt discovery on SLI3 HBAs (bsc#1154521).\n\n - scsi: lpfc: Fix rpi release when deleting vport (bsc#1154521).\n\n - scsi: lpfc: Fix spinlock_irq issues in lpfc_els_flush_cmd() (bsc#1154521).\n\n - scsi: lpfc: Make function lpfc_defer_pt2pt_acc static (bsc#1154521).\n\n - scsi: lpfc: Remove bg debugfs buffers (bsc#1144375).\n\n - scsi: lpfc: remove left-over BUILD_NVME defines (bsc#1154268).\n\n - scsi: lpfc: Update async event logging (bsc#1154521).\n\n - scsi: lpfc: Update lpfc version to 12.4.0.1 (bsc#1154521).\n\n - scsi: qedf: fc_rport_priv reference counting fixes (bsc#1098291).\n\n - scsi: qedf: Modify abort and tmf handler to handle edge condition and flush (bsc#1098291).\n\n - scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Check for MB timeout while capturing ISP27/28xx FW dump (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Dual FCP-NVMe target port support (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Fix N2N link reset (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Fix N2N link up fail (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Fix stale mem access on driver unload (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Fix unbound sleep in fcport delete path (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Fix wait condition in loop (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Improve logging for scan thread (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Optimize NPIV tear down process (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: remove redundant assignment to pointer host (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Remove WARN_ON_ONCE in qla2x00_status_cont_entry() (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Set remove flag for all VP (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Silence fwdump template message (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Update driver version to 10.01.00.20-k (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: storvsc: setup 1:1 mapping between hardware queue and CPU queue (bsc#1140729).\n\n - sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()' (networking-stable-19_09_15).\n\n - sctp: use transport pf_retrans in sctp_do_8_2_transport_strike (networking-stable-19_09_15).\n\n - Sign non-x86 kernels when possible (boo#1134303)\n\n - skge: fix checksum byte order (networking-stable-19_09_30).\n\n - sock_diag: fix autoloading of the raw_diag module (bsc#1152791).\n\n - sock_diag: request _diag module only when the family or proto has been registered (bsc#1152791).\n\n - staging: bcm2835-audio: Fix draining behavior regression (bsc#1111666).\n\n - staging: vt6655: Fix memory leak in vt6655_probe (bsc#1051510).\n\n - staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS (bsc#1051510).\n\n - tcp: Do not dequeue SYN/FIN-segments from write-queue (git-gixes).\n\n - tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR (networking-stable-19_09_15).\n\n - tcp: inherit timestamp on mtu probe (networking-stable-19_09_05).\n\n - tcp: remove empty skb from write queue in error cases (networking-stable-19_09_05).\n\n - thermal: Fix use-after-free when unregistering thermal zone device (bsc#1051510).\n\n - thermal_hwmon: Sanitize thermal_zone type (bsc#1051510).\n\n - tipc: add NULL pointer check before calling kfree_rcu (networking-stable-19_09_15).\n\n - tipc: fix unlimited bundling of small messages (networking-stable-19_10_05).\n\n - tracing: Initialize iter->seq after zeroing in tracing_read_pipe() (bsc#1151508).\n\n - tun: fix use-after-free when register netdev failed (networking-stable-19_09_15).\n\n - tuntap: correctly set SOCKWQ_ASYNC_NOSPACE (bsc#1145099).\n\n - Update patches.suse/NFSv4-Check-the-return-value-of-update_open\n _stateid.patch (boo#1154189 bsc#1154747).\n\n - usb: adutux: fix NULL-derefs on disconnect (bsc#1142635).\n\n - usb: adutux: fix use-after-free on disconnect (bsc#1142635).\n\n - usb: adutux: fix use-after-free on release (bsc#1051510).\n\n - usb: chaoskey: fix use-after-free on release (bsc#1051510).\n\n - usb: dummy-hcd: fix power budget for SuperSpeed mode (bsc#1051510).\n\n - usb: iowarrior: fix use-after-free after driver unbind (bsc#1051510).\n\n - usb: iowarrior: fix use-after-free on disconnect (bsc#1051510).\n\n - usb: iowarrior: fix use-after-free on release (bsc#1051510).\n\n - usb: ldusb: fix memleak on disconnect (bsc#1051510).\n\n - usb: ldusb: fix NULL-derefs on driver unbind (bsc#1051510).\n\n - usb: ldusb: fix read info leaks (bsc#1051510).\n\n - usb: legousbtower: fix a signedness bug in tower_probe() (bsc#1051510).\n\n - usb: legousbtower: fix deadlock on disconnect (bsc#1142635).\n\n - usb: legousbtower: fix memleak on disconnect (bsc#1051510).\n\n - usb: legousbtower: fix open after failed reset request (bsc#1142635).\n\n - usb: legousbtower: fix potential NULL-deref on disconnect (bsc#1142635).\n\n - usb: legousbtower: fix slab info leak at probe (bsc#1142635).\n\n - usb: legousbtower: fix use-after-free on release (bsc#1051510).\n\n - usb: microtek: fix info-leak at probe (bsc#1142635).\n\n - usbnet: ignore endpoints with invalid wMaxPacketSize (bsc#1051510).\n\n - usbnet: sanity checking of packet sizes and device mtu (bsc#1051510).\n\n - usb: serial: fix runtime PM after driver unbind (bsc#1051510).\n\n - usb: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 (bsc#1051510).\n\n - usb: serial: keyspan: fix NULL-derefs on open() and write() (bsc#1051510).\n\n - usb: serial: option: add support for Cinterion CLS8 devices (bsc#1051510).\n\n - usb: serial: option: add Telit FN980 compositions (bsc#1051510).\n\n - usb: serial: ti_usb_3410_5052: fix port-close races (bsc#1051510).\n\n - usb: udc: lpc32xx: fix bad bit shift operation (bsc#1051510).\n\n - usb: usblcd: fix I/O after disconnect (bsc#1142635).\n\n - usb: usblp: fix runtime PM after driver unbind (bsc#1051510).\n\n - usb: usblp: fix use-after-free on disconnect (bsc#1051510).\n\n - usb: usb-skeleton: fix NULL-deref on disconnect (bsc#1051510).\n\n - usb: usb-skeleton: fix runtime PM after driver unbind (bsc#1051510).\n\n - usb: usb-skeleton: fix use-after-free after driver unbind (bsc#1051510).\n\n - usb: xhci: wait for CNR controller not ready bit in xhci resume (bsc#1051510).\n\n - usb: yurex: Do not retry on unexpected errors (bsc#1051510).\n\n - usb: yurex: fix NULL-derefs on disconnect (bsc#1051510).\n\n - vfio_pci: Restore original state on release (bsc#1051510).\n\n - vhost_net: conditionally enable tx polling (bsc#1145099).\n\n - video: of: display_timing: Add of_node_put() in of_get_display_timing() (bsc#1051510).\n\n - vsock: Fix a lockdep warning in __vsock_release() (networking-stable-19_10_05).\n\n - watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout (bsc#1051510).\n\n - x86/asm: Fix MWAITX C-state hint value (bsc#1114279).\n\n - x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area (bnc#1153969).\n\n - x86/boot/64: Round memory hole size up to next PMD page (bnc#1153969).\n\n - x86/mm: Use WRITE_ONCE() when setting PTEs (bsc#1114279).\n\n - xen/netback: fix error path of xenvif_connect_data() (bsc#1065600).\n\n - xen/pv: Fix Xen PV guest int3 handling (bsc#1153811).\n\n - xhci: Check all endpoints for LPM timeout (bsc#1051510).\n\n - xhci: Fix false warning message about wrong bounce buffer write length (bsc#1051510).\n\n - xhci: Increase STS_SAVE timeout in xhci_suspend() (bsc#1051510).\n\n - xhci: Prevent device initiated U1/U2 link pm if exit latency is too long (bsc#1051510).", "cvss3": {}, "published": "2019-11-06T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2019-2444)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16232", "CVE-2019-16233", "CVE-2019-16234", "CVE-2019-16995", "CVE-2019-17056", "CVE-2019-17133", "CVE-2019-17666"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-kvmsmall", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-base", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2444.NASL", "href": "https://www.tenable.com/plugins/nessus/130582", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2444.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130582);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-16232\", \"CVE-2019-16233\", \"CVE-2019-16234\", \"CVE-2019-16995\", \"CVE-2019-17056\", \"CVE-2019-17133\", \"CVE-2019-17666\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2019-2444)\");\n script_summary(english:\"Check for the openSUSE-2019-2444 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The openSUSE Leap 15.1 kernel was updated to receive various security\nand bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2019-16995: A memory leak exits in\n hsr_dev_finalize() in net/hsr/hsr_device.c. if\n hsr_add_port fails to add a port, which may cause denial\n of service, aka CID-6caabe7f197d (bnc#1152685).\n\n - CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not\n check the alloc_workqueue return value, leading to a\n NULL pointer dereference (bnc#1150457).\n\n - CVE-2019-17666: rtl_p2p_noa_ie in\n drivers/net/wireless/realtek/rtlwifi/ps.c lacked a\n certain upper-bound check, leading to a buffer overflow\n (bnc#1154372).\n\n - CVE-2019-16232:\n drivers/net/wireless/marvell/libertas/if_sdio.c did not\n check the alloc_workqueue return value, leading to a\n NULL pointer dereference (bnc#1150465).\n\n - CVE-2019-16234:\n drivers/net/wireless/intel/iwlwifi/pcie/trans.c did not\n check the alloc_workqueue return value, leading to a\n NULL pointer dereference (bnc#1150452).\n\n - CVE-2019-17133: cfg80211_mgd_wext_giwessid in\n net/wireless/wext-sme.c did not reject a long SSID IE,\n leading to a Buffer Overflow (bnc#1153158).\n\n - CVE-2019-17056: llcp_sock_create in net/nfc/llcp_sock.c\n in the AF_NFC network module did not enforce\n CAP_NET_RAW, which means that unprivileged users can\n create a raw socket, aka CID-3a359798b176 (bnc#1152788).\n\nThe following non-security bugs were fixed :\n\n - 9p: avoid attaching writeback_fid on mmap with type\n PRIVATE (bsc#1051510).\n\n - ACPI / CPPC: do not require the _PSD method\n (bsc#1051510).\n\n - ACPI: CPPC: Set pcc_data[pcc_ss_id] to NULL in\n acpi_cppc_processor_exit() (bsc#1051510).\n\n - ACPI / processor: do not print errors for processorIDs\n == 0xff (bsc#1051510).\n\n - act_mirred: Fix mirred_init_module error handling\n (bsc#1051510).\n\n - Add Acer Aspire Ethos 8951G model quirk (bsc#1051510).\n\n - Add kernel module compression support (bsc#1135854)\n\n - ALSA: hda - Add a quirk model for fixing Huawei Matebook\n X right speaker (bsc#1051510).\n\n - ALSA: hda: Add Elkhart Lake PCI ID (bsc#1051510).\n\n - ALSA: hda - Add laptop imic fixup for ASUS M9V laptop\n (bsc#1051510).\n\n - ALSA: hda: Add support of Zhaoxin controller\n (bsc#1051510).\n\n - ALSA: hda: Add Tigerlake/Jasperlake PCI ID\n (bsc#1051510).\n\n - ALSA: hda - Apply AMD controller workaround for Raven\n platform (bsc#1051510).\n\n - ALSA: hda - Define a fallback_pin_fixup_tbl for alc269\n family (bsc#1051510).\n\n - ALSA: hda - Drop unsol event handler for Intel HDMI\n codecs (bsc#1051510).\n\n - ALSA: hda - Expand pin_match function to match upcoming\n new tbls (bsc#1051510).\n\n - ALSA: hda: Flush interrupts on disabling (bsc#1051510).\n\n - ALSA: hda - Force runtime PM on Nvidia HDMI codecs\n (bsc#1051510).\n\n - ALSA: hda/hdmi - Do not report spurious jack state\n changes (bsc#1051510).\n\n - ALSA: hda/hdmi: remove redundant assignment to variable\n pcm_idx (bsc#1051510).\n\n - ALSA: hda - Inform too slow responses (bsc#1051510).\n\n - ALSA: hda/realtek - Add support for ALC711\n (bsc#1051510).\n\n - ALSA: hda/realtek - Blacklist PC beep for Lenovo\n ThinkCentre M73/93 (bsc#1051510).\n\n - ALSA: hda/realtek - Check beep whitelist before\n assigning in all codecs (bsc#1051510).\n\n - ALSA: hda/realtek - Enable headset mic on Asus MJ401TA\n (bsc#1051510).\n\n - ALSA: hda/realtek - Fix alienware headset mic\n (bsc#1051510).\n\n - ALSA: hda/realtek - PCI quirk for Medion E4254\n (bsc#1051510).\n\n - ALSA: hda/realtek: Reduce the Headphone static noise on\n XPS 9350/9360 (bsc#1051510).\n\n - ALSA: hda: Set fifo_size for both playback and capture\n streams (bsc#1051510).\n\n - ALSA: hda - Show the fatal CORB/RIRB error more clearly\n (bsc#1051510).\n\n - ALSA: hda/sigmatel - remove unused variable\n 'stac9200_core_init' (bsc#1051510).\n\n - ALSA: i2c: ak4xxx-adda: Fix a possible NULL pointer\n dereference in build_adc_controls() (bsc#1051510).\n\n - ALSA: line6: sizeof (byte) is always 1, use that fact\n (bsc#1051510).\n\n - ALSA: usb-audio: Add DSD support for EVGA NU Audio\n (bsc#1051510).\n\n - ALSA: usb-audio: Add Hiby device family to quirks for\n native DSD support (bsc#1051510).\n\n - ALSA: usb-audio: Add Pioneer DDJ-SX3 PCM quirck\n (bsc#1051510).\n\n - ALSA: usb-audio: Clean up check_input_term()\n (bsc#1051510).\n\n - ALSA: usb-audio: Disable quirks for BOSS Katana\n amplifiers (bsc#1051510).\n\n - ALSA: usb-audio: DSD auto-detection for Playback Designs\n (bsc#1051510).\n\n - ALSA: usb-audio: fix PCM device order (bsc#1051510).\n\n - ALSA: usb-audio: Fix possible NULL dereference at\n create_yamaha_midi_quirk() (bsc#1051510).\n\n - ALSA: usb-audio: More validations of descriptor units\n (bsc#1051510).\n\n - ALSA: usb-audio: remove some dead code (bsc#1051510).\n\n - ALSA: usb-audio: Remove superfluous bLength checks\n (bsc#1051510).\n\n - ALSA: usb-audio: Simplify parse_audio_unit()\n (bsc#1051510).\n\n - ALSA: usb-audio: Skip bSynchAddress endpoint check if it\n is invalid (bsc#1051510).\n\n - ALSA: usb-audio: Unify audioformat release code\n (bsc#1051510).\n\n - ALSA: usb-audio: Unify the release of\n usb_mixer_elem_info objects (bsc#1051510).\n\n - ALSA: usb-audio: Update DSD support quirks for Oppo and\n Rotel (bsc#1051510).\n\n - appletalk: enforce CAP_NET_RAW for raw sockets\n (bsc#1051510).\n\n - arcnet: provide a buffer big enough to actually receive\n packets (networking-stable-19_09_30).\n\n - ASoC: Define a set of DAPM pre/post-up events\n (bsc#1051510).\n\n - ASoC: dmaengine: Make the pcm->name equal to pcm->id if\n the name is not set (bsc#1051510).\n\n - ASoC: Intel: Fix use of potentially uninitialized\n variable (bsc#1051510).\n\n - ASoC: Intel: NHLT: Fix debug print format (bsc#1051510).\n\n - ASoc: rockchip: i2s: Fix RPM imbalance (bsc#1051510).\n\n - ASoC: rsnd: Reinitialize bit clock inversion flag for\n every format setting (bsc#1051510).\n\n - ASoC: sgtl5000: Fix charge pump source assignment\n (bsc#1051510).\n\n - auxdisplay: panel: need to delete scan_timer when\n misc_register fails in panel_attach (bsc#1051510).\n\n - ax25: enforce CAP_NET_RAW for raw sockets (bsc#1051510).\n\n - Blacklist 'signal: Correct namespace fixups of si_pid\n and si_uid' (bsc#1142667)\n\n - blk-wbt: abstract out end IO completion handler\n (bsc#1135873).\n\n - blk-wbt: fix has-sleeper queueing check (bsc#1135873).\n\n - blk-wbt: improve waking of tasks (bsc#1135873).\n\n - blk-wbt: move disable check into get_limit()\n (bsc#1135873).\n\n - blk-wbt: use wq_has_sleeper() for wq active check\n (bsc#1135873).\n\n - block: add io timeout to sysfs (bsc#1148410).\n\n - block: add io timeout to sysfs (bsc#1148410).\n\n - block: do not show io_timeout if driver has no timeout\n handler (bsc#1148410).\n\n - block: do not show io_timeout if driver has no timeout\n handler (bsc#1148410).\n\n - bluetooth: btrtl: Additional Realtek 8822CE Bluetooth\n devices (bsc#1051510).\n\n - bnx2x: Fix VF's VLAN reconfiguration in reload\n (bsc#1086323 ).\n\n - bnxt_en: Add PCI IDs for 57500 series NPAR devices\n (bsc#1153607).\n\n - bpf: fix use after free in prog symbol exposure\n (bsc#1083647).\n\n - bridge/mdb: remove wrong use of NLM_F_MULTI\n (networking-stable-19_09_15).\n\n - btrfs: bail out gracefully rather than BUG_ON\n (bsc#1153646).\n\n - btrfs: block-group: Fix a memory leak due to missing\n btrfs_put_block_group() (bsc#1155178).\n\n - btrfs: check for the full sync flag while holding the\n inode lock during fsync (bsc#1153713).\n\n - btrfs: Ensure btrfs_init_dev_replace_tgtdev sees up to\n date values (bsc#1154651).\n\n - btrfs: Ensure replaced device does not have pending\n chunk allocation (bsc#1154607).\n\n - btrfs: qgroup: Always free PREALLOC META reserve in\n btrfs_delalloc_release_extents() (bsc#1155179).\n\n - btrfs: remove wrong use of volume_mutex from\n btrfs_dev_replace_start (bsc#1154651).\n\n - btrfs: tracepoints: Fix bad entry members of qgroup\n events (bsc#1155186).\n\n - btrfs: tracepoints: Fix wrong parameter order for qgroup\n events (bsc#1155184).\n\n - can: mcp251x: mcp251x_hw_reset(): allow more time after\n a reset (bsc#1051510).\n\n - can: xilinx_can: xcan_probe(): skip error message on\n deferred probe (bsc#1051510).\n\n - cdc_ether: fix rndis support for Mediatek based\n smartphones (networking-stable-19_09_15).\n\n - cdc_ncm: fix divide-by-zero caused by invalid\n wMaxPacketSize (bsc#1051510).\n\n - ceph: fix directories inode i_blkbits initialization\n (bsc#1153717).\n\n - ceph: reconnect connection if session hang in opening\n state (bsc#1153718).\n\n - ceph: update the mtime when truncating up (bsc#1153719).\n\n - cfg80211: add and use strongly typed element iteration\n macros (bsc#1051510).\n\n - cfg80211: Purge frame registrations on iftype change\n (bsc#1051510).\n\n - clk: at91: select parent if main oscillator or bypass is\n enabled (bsc#1051510).\n\n - clk: qoriq: Fix -Wunused-const-variable (bsc#1051510).\n\n - clk: sirf: Do not reference clk_init_data after\n registration (bsc#1051510).\n\n - clk: zx296718: Do not reference clk_init_data after\n registration (bsc#1051510).\n\n - crypto: af_alg - consolidation of duplicate code\n (bsc#1154737).\n\n - crypto: af_alg - fix race accessing cipher request\n (bsc#1154737).\n\n - crypto: af_alg - Fix race around ctx->rcvused by making\n it atomic_t (bsc#1154737).\n\n - crypto: af_alg - Initialize sg_num_bytes in error code\n path (bsc#1051510).\n\n - crypto: af_alg - remove locking in async callback\n (bsc#1154737).\n\n - crypto: af_alg - update correct dst SGL entry\n (bsc#1051510).\n\n - crypto: af_alg - wait for data at beginning of recvmsg\n (bsc#1154737).\n\n - crypto: algif_aead - copy AAD from src to dst\n (bsc#1154737).\n\n - crypto: algif_aead - fix reference counting of null\n skcipher (bsc#1154737).\n\n - crypto: algif_aead - overhaul memory management\n (bsc#1154737).\n\n - crypto: algif_aead - skip SGL entries with NULL page\n (bsc#1154737).\n\n - crypto: algif - return error code when no data was\n processed (bsc#1154737).\n\n - crypto: algif_skcipher - overhaul memory management\n (bsc#1154737).\n\n - crypto: talitos - fix missing break in switch statement\n (bsc#1142635).\n\n - cxgb4: do not dma memory off of the stack (bsc#1152790).\n\n - cxgb4: fix endianness for vlan value in cxgb4_tc_flower\n (bsc#1064802 bsc#1066129).\n\n - cxgb4:Fix out-of-bounds MSI-X info array access\n (networking-stable-19_10_05).\n\n - cxgb4: offload VLAN flows regardless of VLAN ethtype\n (bsc#1064802 bsc#1066129).\n\n - cxgb4: reduce kernel stack usage in\n cudbg_collect_mem_region() (bsc#1073513).\n\n - cxgb4: Signedness bug in init_one() (bsc#1097585\n bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583\n bsc#1097584).\n\n - cxgb4: smt: Add lock for atomic_dec_and_test\n (bsc#1064802 bsc#1066129).\n\n - dasd_fba: Display '00000000' for zero page when dumping\n sense\n\n - /dev/mem: Bail out upon SIGKILL (git-fixes).\n\n - drm: add __user attribute to ptr_to_compat()\n (bsc#1111666).\n\n - drm/amd/display: fix issue where 252-255 values are\n clipped (bsc#1111666).\n\n - drm/amd/display: reprogram VM config when system resume\n (bsc#1111666).\n\n - drm/amd/display: Restore backlight brightness after\n system resume (bsc#1112178)\n\n - drm/amd/display: support spdif (bsc#1111666).\n\n - drm/amd/dm: Understand why attaching path/tile\n properties are needed (bsc#1111666).\n\n - drm/amdgpu: Check for valid number of registers to read\n (bsc#1051510).\n\n - drm/amdgpu: Fix KFD-related kernel oops on Hawaii\n (bsc#1111666).\n\n - drm/amdgpu/gfx9: Update gfx9 golden settings\n (bsc#1111666).\n\n - drm/amdgpu/si: fix ASIC tests (git-fixes).\n\n - drm/amdgpu: Update gc_9_0 golden settings (bsc#1111666).\n\n - drm/amdkfd: Add missing Polaris10 ID (bsc#1111666).\n\n - drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2)\n (bsc#1051510).\n\n - drm/amd/pp: Fix truncated clock value when set watermark\n (bsc#1111666).\n\n - drm/ast: Fixed reboot test may cause system hanged\n (bsc#1051510).\n\n - drm/atomic_helper: Allow DPMS On<->Off changes for\n unregistered connectors (bsc#1111666).\n\n - drm/atomic_helper: Disallow new modesets on unregistered\n connectors (bsc#1111666).\n\n - drm/atomic_helper: Stop modesets on unregistered\n connectors harder (bsc#1111666).\n\n - drm/bridge: tc358767: Increase AUX transfer length limit\n (bsc#1051510).\n\n - drm/bridge: tfp410: fix memleak in get_modes()\n (bsc#1111666).\n\n - drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50\n (bsc#1051510).\n\n - drm: Flush output polling on shutdown (bsc#1051510).\n\n - drm/i915: Cleanup gt powerstate from gem (bsc#1111666).\n\n - drm/i915: Fix intel_dp_mst_best_encoder() (bsc#1111666).\n\n - drm/i915/gvt: update vgpu workload head pointer\n correctly (bsc#1112178)\n\n - drm/i915: Restore sane defaults for KMS on GEM error\n load (bsc#1111666).\n\n - drm/mediatek: set DMA max segment size (bsc#1111666).\n\n - drm/msm/dsi: Fix return value check for clk_get_parent\n (bsc#1111666).\n\n - drm/msm/dsi: Implement reset correctly (bsc#1051510).\n\n - drm/nouveau/disp/nv50-: fix center/aspect-corrected\n scaling (bsc#1111666).\n\n - drm/nouveau/kms/nv50-: Do not create MSTMs for eDP\n connectors (bsc#1112178)\n\n - drm/nouveau/volt: Fix for some cards having 0 maximum\n voltage (bsc#1111666).\n\n - drm/omap: fix max fclk divider for omap36xx\n (bsc#1111666).\n\n - drm/panel: check failure cases in the probe func\n (bsc#1111666).\n\n - drm/panel: make drm_panel.h self-contained\n (bsc#1111666).\n\n - drm: panel-orientation-quirks: Add extra quirk table\n entry for GPD MicroPC (bsc#1111666).\n\n - drm/panel: simple: fix AUO g185han01 horizontal blanking\n (bsc#1051510).\n\n - drm/radeon: Bail earlier when radeon.cik_/si_support=0\n is passed (bsc#1111666).\n\n - drm/radeon: Fix EEH during kexec (bsc#1051510).\n\n - drm: rcar-du: lvds: Fix bridge_to_rcar_lvds\n (bsc#1111666).\n\n - drm/rockchip: Check for fast link training before\n enabling psr (bsc#1111666).\n\n - drm/stm: attach gem fence to atomic state (bsc#1111666).\n\n - drm/tilcdc: Register cpufreq notifier after we have\n initialized crtc (bsc#1051510).\n\n - drm/vmwgfx: Fix double free in vmw_recv_msg()\n (bsc#1051510).\n\n - e1000e: add workaround for possible stalled packet\n (bsc#1051510).\n\n - efi/arm: Show SMBIOS bank/device location in CPER and\n GHES error logs (bsc#1152033).\n\n - efi: cper: print AER info of PCIe fatal error\n (bsc#1051510).\n\n - efi/memattr: Do not bail on zero VA if it equals the\n region's PA (bsc#1051510).\n\n - efivar/ssdt: Do not iterate over EFI vars if no SSDT\n override was specified (bsc#1051510).\n\n - firmware: dmi: Fix unlikely out-of-bounds read in\n save_mem_devices (git-fixes).\n\n - Fix AMD IOMMU kABI (bsc#1154610).\n\n - Fix KVM kABI after x86 mmu backports (bsc#1117665).\n\n - gpu: drm: radeon: Fix a possible NULL pointer\n dereference in radeon_connector_set_property()\n (bsc#1051510).\n\n - HID: apple: Fix stuck function keys when using FN\n (bsc#1051510).\n\n - HID: fix error message in hid_open_report()\n (bsc#1051510).\n\n - HID: hidraw: Fix invalid read in hidraw_ioctl\n (bsc#1051510).\n\n - HID: logitech: Fix general protection fault caused by\n Logitech driver (bsc#1051510).\n\n - HID: logitech-hidpp: do all FF cleanup in\n hidpp_ff_destroy() (bsc#1051510).\n\n - HID: prodikeys: Fix general protection fault during\n probe (bsc#1051510).\n\n - HID: sony: Fix memory corruption issue on cleanup\n (bsc#1051510).\n\n - hso: fix NULL-deref on tty open (bsc#1051510).\n\n - hwmon: (acpi_power_meter) Change log level for 'unsafe\n software power cap' (bsc#1051510).\n\n - hwrng: core - do not wait on add_early_randomness()\n (git-fixes).\n\n - i2c: riic: Clear NACK in tend isr (bsc#1051510).\n\n - IB/core, ipoib: Do not overreact to SM LID change event\n (bsc#1154108)\n\n - IB/hfi1: Remove overly conservative VM_EXEC flag check\n (bsc#1144449).\n\n - IB/mlx5: Consolidate use_umr checks into single function\n (bsc#1093205).\n\n - IB/mlx5: Fix MR re-registration flow to use UMR properly\n (bsc#1093205).\n\n - IB/mlx5: Report correctly tag matching rendezvous\n capability (bsc#1046305).\n\n - ieee802154: atusb: fix use-after-free at disconnect\n (bsc#1051510).\n\n - ieee802154: ca8210: prevent memory leak (bsc#1051510).\n\n - ieee802154: enforce CAP_NET_RAW for raw sockets\n (bsc#1051510).\n\n - iio: adc: ad799x: fix probe error handling\n (bsc#1051510).\n\n - iio: light: opt3001: fix mutex unlock race\n (bsc#1051510).\n\n - ima: always return negative code for error\n (bsc#1051510).\n\n - Input: da9063 - fix capability and drop KEY_SLEEP\n (bsc#1051510).\n\n - Input: synaptics-rmi4 - avoid processing unknown IRQs\n (bsc#1051510).\n\n - iommu/amd: Apply the same IVRS IOAPIC workaround to Acer\n Aspire A315-41 (bsc#1137799).\n\n - iommu/amd: Check PM_LEVEL_SIZE() condition in locked\n section (bsc#1154608).\n\n - iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge\n systems (bsc#1137799).\n\n - iommu/amd: Remove domain->updated (bsc#1154610).\n\n - iommu/amd: Wait for completion of IOTLB flush in\n attach_device (bsc#1154611).\n\n - ipmi_si: Only schedule continuously in the thread in\n maintenance mode (bsc#1051510).\n\n - ipv6: drop incoming packets having a v4mapped source\n address (networking-stable-19_10_05).\n\n - ipv6: Fix the link time qualifier of\n 'ping_v6_proc_exit_net()' (networking-stable-19_09_15).\n\n - ipv6: Handle missing host route in __ipv6_ifa_notify\n (networking-stable-19_10_05).\n\n - iwlwifi: pcie: fix memory leaks in\n iwl_pcie_ctxt_info_gen3_init (bsc#1111666).\n\n - ixgbe: Fix secpath usage for IPsec TX offload\n (bsc#1113994 bsc#1151807).\n\n - ixgbe: Prevent u8 wrapping of ITR value to something\n less than 10us (bsc#1101674).\n\n - ixgbe: sync the first fragment unconditionally\n (bsc#1133140).\n\n - kabi: net: sched: act_sample: fix psample group handling\n on overwrite (networking-stable-19_09_05).\n\n - kABI workaround for crypto/af_alg changes (bsc#1154737).\n\n - kABI workaround for drm_connector.registered type\n changes (bsc#1111666).\n\n - kABI workaround for snd_hda_pick_pin_fixup() changes\n (bsc#1051510).\n\n - kernel-binary.spec.in: Fix build of non-modular kernels\n (boo#1154578).\n\n - kernel-subpackage-build: create zero size ghost for\n uncompressed vmlinux (bsc#1154354).\n\n - kernel/sysctl.c: do not override max_threads provided by\n userspace (bnc#1150875).\n\n - ksm: cleanup stable_node chain collapse case\n (bnc#1144338).\n\n - ksm: fix use after free with merge_across_nodes = 0\n (bnc#1144338).\n\n - ksm: introduce ksm_max_page_sharing per page\n deduplication limit (bnc#1144338).\n\n - ksm: optimize refile of stable_node_dup at the head of\n the chain (bnc#1144338).\n\n - ksm: swap the two output parameters of chain/chain_prune\n (bnc#1144338).\n\n - kvm: Convert kvm_lock to a mutex (bsc#1117665).\n\n - kvm: MMU: drop vcpu param in gpte_access (bsc#1117665).\n\n - kvm: PPC: Book3S HV: use smp_mb() when setting/clearing\n host_ipi flag (bsc#1061840).\n\n - kvm: x86: add tracepoints around __direct_map and\n FNAME(fetch) (bsc#1117665).\n\n - kvm: x86: adjust kvm_mmu_page member to save 8 bytes\n (bsc#1117665).\n\n - kvm: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON\n (bsc#1117665).\n\n - kvm: x86: Do not release the page inside mmu_set_spte()\n (bsc#1117665).\n\n - kvm: x86: make FNAME(fetch) and __direct_map more\n similar (bsc#1117665).\n\n - kvm: x86, powerpc: do not allow clearing largepages\n debugfs entry (bsc#1117665).\n\n - kvm: x86: remove now unneeded hugepage gfn adjustment\n (bsc#1117665).\n\n - libertas: Add missing sentinel at end of if_usb.c\n fw_table (bsc#1051510).\n\n - lib/mpi: Fix karactx leak in mpi_powm (bsc#1051510).\n\n - libnvdimm/security: provide fix for secure-erase to use\n zero-key (bsc#1149853).\n\n - lpfc: Add additional discovery log messages\n (bsc#1154521).\n\n - lpfc: Add FA-WWN Async Event reporting (bsc#1154521).\n\n - lpfc: Add FC-AL support to lpe32000 models\n (bsc#1154521).\n\n - lpfc: Add log macros to allow print by serverity or\n verbocity setting (bsc#1154521).\n\n - lpfc: Fix bad ndlp ptr in xri aborted handling\n (bsc#1154521).\n\n - lpfc: fix coverity error of dereference after null check\n (bsc#1154521).\n\n - lpfc: Fix hardlockup in lpfc_abort_handler\n (bsc#1154521).\n\n - lpfc: Fix lockdep errors in sli_ringtx_put\n (bsc#1154521).\n\n - lpfc: fix lpfc_nvmet_mrq to be bound by hdw queue count\n (bsc#1154521).\n\n - lpfc: Fix reporting of read-only fw error errors\n (bsc#1154521).\n\n - lpfc: Fix SLI3 hba in loop mode not discovering devices\n (bsc#1154521).\n\n - lpfc: Make FW logging dynamically configurable\n (bsc#1154521).\n\n - lpfc: Remove lock contention target write path\n (bsc#1154521).\n\n - lpfc: Revise interrupt coalescing for missing scenarios\n (bsc#1154521).\n\n - lpfc: Slight fast-path Performance optimizations\n (bsc#1154521).\n\n - lpfc: Update lpfc version to 12.6.0.0 (bsc#1154521).\n\n - mac80211: accept deauth frames in IBSS mode\n (bsc#1051510).\n\n - mac80211: fix txq NULL pointer dereference\n (bsc#1051510).\n\n - mac80211: Reject malformed SSID elements (bsc#1051510).\n\n - macsec: drop skb sk before calling gro_cells_receive\n (bsc#1051510).\n\n - media: atmel: atmel-isc: fix asd memory allocation\n (bsc#1135642).\n\n - media: cpia2_usb: fix memory leaks (bsc#1051510).\n\n - media: dvb-core: fix a memory leak bug (bsc#1051510).\n\n - media: exynos4-is: fix leaked of_node references\n (bsc#1051510).\n\n - media: gspca: zero usb_buf on error (bsc#1051510).\n\n - media: hdpvr: Add device num check and handling\n (bsc#1051510).\n\n - media: hdpvr: add terminating 0 at end of string\n (bsc#1051510).\n\n - media: i2c: ov5645: Fix power sequence (bsc#1051510).\n\n - media: iguanair: add sanity checks (bsc#1051510).\n\n - media: omap3isp: Do not set streaming state on random\n subdevs (bsc#1051510).\n\n - media: omap3isp: Set device on omap3isp subdevs\n (bsc#1051510).\n\n - media: ov9650: add a sanity check (bsc#1051510).\n\n - media: radio/si470x: kill urb on error (bsc#1051510).\n\n - media: saa7134: fix terminology around\n saa7134_i2c_eeprom_md7134_gate() (bsc#1051510).\n\n - media: saa7146: add cleanup in hexium_attach()\n (bsc#1051510).\n\n - media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table\n (bsc#1051510).\n\n - media: stkwebcam: fix runtime PM after driver unbind\n (bsc#1051510).\n\n - media: ttusb-dec: Fix info-leak in\n ttusb_dec_send_command() (bsc#1051510).\n\n - memstick: jmb38x_ms: Fix an error handling path in\n 'jmb38x_ms_probe()' (bsc#1051510).\n\n - mfd: intel-lpss: Remove D3cold delay (bsc#1051510).\n\n - mISDN: enforce CAP_NET_RAW for raw sockets\n (bsc#1051510).\n\n - mld: fix memory leak in mld_del_delrec()\n (networking-stable-19_09_05).\n\n - mmc: sdhci: Fix incorrect switch to HS mode\n (bsc#1051510).\n\n - mmc: sdhci: improve ADMA error reporting (bsc#1051510).\n\n - mmc: sdhci-of-esdhc: set DMA snooping based on DMA\n coherence (bsc#1051510).\n\n - netfilter: nf_nat: do not bug when mapping already\n exists (bsc#1146612).\n\n - net: Fix null de-reference of device refcount\n (networking-stable-19_09_15).\n\n - net: fix skb use after free in netpoll\n (networking-stable-19_09_05).\n\n - net: gso: Fix skb_segment splat when splitting gso_size\n mangled skb having linear-headed frag_list\n (networking-stable-19_09_15).\n\n - net/ibmvnic: Fix EOI when running in XIVE mode\n (bsc#1089644, ltc#166495, ltc#165544, git-fixes).\n\n - net/mlx4_en: fix a memory leak bug (bsc#1046299).\n\n - net/mlx5: Add device ID of upcoming BlueField-2\n (bsc#1046303 ).\n\n - net/mlx5: Fix error handling in mlx5_load() (bsc#1046305\n ).\n\n - net/phy: fix DP83865 10 Mbps HDX loopback disable\n function (networking-stable-19_09_30).\n\n - net: qlogic: Fix memory leak in ql_alloc_large_buffers\n (networking-stable-19_10_05).\n\n - net: qrtr: Stop rx_worker before freeing node\n (networking-stable-19_09_30).\n\n - net/rds: Fix error handling in rds_ib_add_one()\n (networking-stable-19_10_05).\n\n - net/rds: fix warn in rds_message_alloc_sgs\n (bsc#1154848).\n\n - net/rds: remove user triggered WARN_ON in rds_sendmsg\n (bsc#1154848).\n\n - net: Replace NF_CT_ASSERT() with WARN_ON()\n (bsc#1146612).\n\n - net/sched: act_sample: do not push mac header on ip6gre\n ingress (networking-stable-19_09_30).\n\n - net: sched: act_sample: fix psample group handling on\n overwrite (networking-stable-19_09_05).\n\n - net_sched: add policy validation for action attributes\n (networking-stable-19_09_30).\n\n - net_sched: fix backward compatibility for TCA_ACT_KIND\n (git-fixes).\n\n - net: stmmac: dwmac-rk: Do not fail if phy regulator is\n absent (networking-stable-19_09_05).\n\n - net: Unpublish sk from sk_reuseport_cb before call_rcu\n (networking-stable-19_10_05).\n\n - nfc: fix attrs checks in netlink interface\n (bsc#1051510).\n\n - nfc: fix memory leak in llcp_sock_bind() (bsc#1051510).\n\n - nfc: pn533: fix use-after-free and memleaks\n (bsc#1051510).\n\n - NFSv4.1 - backchannel request should hold ref on xprt\n (bsc#1152624).\n\n - nl80211: fix NULL pointer dereference (bsc#1051510).\n\n - objtool: Clobber user CFLAGS variable (bsc#1153236).\n\n - openvswitch: change type of UPCALL_PID attribute to\n NLA_UNSPEC (networking-stable-19_09_30).\n\n - packaging: add support for riscv64\n\n - PCI: Correct pci=resource_alignment parameter example\n (bsc#1051510).\n\n - PCI: dra7xx: Fix legacy INTD IRQ handling (bsc#1087092).\n\n - PCI: hv: Use bytes 4 and 5 from instance ID as the PCI\n domain numbers (bsc#1153263).\n\n - PCI: PM: Fix pci_power_up() (bsc#1051510).\n\n - pinctrl: cherryview: restore Strago DMI workaround for\n all versions (bsc#1111666).\n\n - pinctrl: tegra: Fix write barrier placement in\n pmx_writel (bsc#1051510).\n\n - platform/x86: classmate-laptop: remove unused variable\n (bsc#1051510).\n\n - platform/x86: i2c-multi-instantiate: Derive the device\n name from parent (bsc#1111666).\n\n - platform/x86: i2c-multi-instantiate: Fail the probe if\n no IRQ provided (bsc#1111666).\n\n - platform/x86: pmc_atom: Add Siemens SIMATIC IPC277E to\n critclk_systems DMI table (bsc#1051510).\n\n - powerpc/64s/pseries: radix flush translations before MMU\n is enabled at boot (bsc#1055186).\n\n - powerpc/64s/radix: keep kernel ERAT over local\n process/guest invalidates (bsc#1055186).\n\n - powerpc/64s/radix: tidy up TLB flushing code\n (bsc#1055186).\n\n - powerpc/64s: Rename PPC_INVALIDATE_ERAT to\n PPC_ISA_3_0_INVALIDATE_ERAT (bsc#1055186).\n\n - powerpc/mm/book3s64: Move book3s64 code to\n pgtable-book3s64 (bsc#1055186).\n\n - powerpc/mm: mark more tlb functions as __always_inline\n (bsc#1055186).\n\n - powerpc/mm: Properly invalidate when setting process\n table base (bsc#1055186).\n\n - powerpc/mm/radix: mark as __tlbie_pid() and friends\n as__always_inline (bsc#1055186).\n\n - powerpc/mm/radix: mark __radix__flush_tlb_range_psize()\n as __always_inline (bsc#1055186).\n\n - powerpc/pseries/mobility: use cond_resched when updating\n device tree (bsc#1153112 ltc#181778).\n\n - powerpc/pseries: Remove confusing warning message\n (bsc#1109158).\n\n - powerpc/rtas: allow rescheduling while changing cpu\n states (bsc#1153112 ltc#181778).\n\n - powerplay: Respect units on max dcfclk watermark\n (bsc#1111666).\n\n - power: supply: sysfs: ratelimit property read error\n message (bsc#1051510).\n\n - qed: iWARP - Fix default window size to be based on chip\n (bsc#1050536 bsc#1050545).\n\n - qed: iWARP - Fix tc for MPA ll2 connection (bsc#1050536\n bsc#1050545).\n\n - qed: iWARP - fix uninitialized callback (bsc#1050536\n bsc#1050545).\n\n - qed: iWARP - Use READ_ONCE and smp_store_release to\n access ep->state (bsc#1050536 bsc#1050545).\n\n - qmi_wwan: add support for Cinterion CLS8 devices\n (networking-stable-19_10_05).\n\n - r8152: Set macpassthru in reset_resume callback\n (bsc#1051510).\n\n - RDMA/bnxt_re: Fix spelling mistake 'missin_resp' ->\n 'missing_resp' (bsc#1050244).\n\n - RDMA: Fix goto target to release the allocated memory\n (bsc#1050244).\n\n - rds: Fix warning (bsc#1154848).\n\n - Revert 'drm/amd/display: Fix underscan not using proper\n scaling' (bsc#1111666).\n\n - Revert 'drm/amd/powerplay: Enable/Disable NBPSTATE on\n On/OFF of UVD' (bsc#1111666).\n\n - Revert 'drm/radeon: Fix EEH during kexec' (bsc#1051510).\n\n - rtlwifi: rtl8192cu: Fix value set in descriptor\n (bsc#1142635).\n\n - s390/cmf: set_schib_wait add timeout (bsc#1153509,\n bsc#1153476).\n\n - s390/crypto: fix gcm-aes-s390 selftest failures\n (bsc#1137861 LTC#178091).\n\n - sch_cbq: validate TCA_CBQ_WRROPT to avoid crash\n (networking-stable-19_10_05).\n\n - sch_dsmark: fix potential NULL deref in dsmark_init()\n (networking-stable-19_10_05).\n\n - sch_hhf: ensure quantum and hhf_non_hh_weight are\n non-zero (networking-stable-19_09_15).\n\n - sch_netem: fix a divide by zero in tabledist()\n (networking-stable-19_09_30).\n\n - scsi: lpfc: Check queue pointer before use\n (bsc#1154242).\n\n - scsi: lpfc: cleanup: remove unused fcp_txcmlpq_cnt\n (bsc#1154521).\n\n - scsi: lpfc: Complete removal of FCoE T10 PI support on\n SLI-4 adapters (bsc#1154521).\n\n - scsi: lpfc: Convert existing %pf users to %ps\n (bsc#1154521).\n\n - scsi: lpfc: Fix coverity errors on NULL pointer checks\n (bsc#1154521).\n\n - scsi: lpfc: Fix device recovery errors after PLOGI\n failures (bsc#1154521).\n\n - scsi: lpfc: Fix devices that do not return after devloss\n followed by rediscovery (bsc#1137040).\n\n - scsi: lpfc: Fix discovery failures when target device\n connectivity bounces (bsc#1154521).\n\n - scsi: lpfc: Fix GPF on scsi command completion\n (bsc#1154521).\n\n - scsi: lpfc: Fix hdwq sgl locks and irq handling\n (bsc#1154521).\n\n - scsi: lpfc: Fix host hang at boot or slow boot\n (bsc#1154521).\n\n - scsi: lpfc: Fix list corruption detected in\n lpfc_put_sgl_per_hdwq (bsc#1154521).\n\n - scsi: lpfc: Fix list corruption in lpfc_sli_get_iocbq\n (bsc#1154521).\n\n - scsi: lpfc: Fix locking on mailbox command completion\n (bsc#1154521).\n\n - scsi: lpfc: Fix miss of register read failure check\n (bsc#1154521).\n\n - scsi: lpfc: Fix null ptr oops updating lpfc_devloss_tmo\n via sysfs attribute (bsc#1140845).\n\n - scsi: lpfc: Fix NVMe ABTS in response to receiving an\n ABTS (bsc#1154521).\n\n - scsi: lpfc: Fix NVME io abort failures causing hangs\n (bsc#1154521).\n\n - scsi: lpfc: Fix premature re-enabling of interrupts in\n lpfc_sli_host_down (bsc#1154521).\n\n - scsi: lpfc: Fix propagation of devloss_tmo setting to\n nvme transport (bsc#1140883).\n\n - scsi: lpfc: Fix pt2pt discovery on SLI3 HBAs\n (bsc#1154521).\n\n - scsi: lpfc: Fix rpi release when deleting vport\n (bsc#1154521).\n\n - scsi: lpfc: Fix spinlock_irq issues in\n lpfc_els_flush_cmd() (bsc#1154521).\n\n - scsi: lpfc: Make function lpfc_defer_pt2pt_acc static\n (bsc#1154521).\n\n - scsi: lpfc: Remove bg debugfs buffers (bsc#1144375).\n\n - scsi: lpfc: remove left-over BUILD_NVME defines\n (bsc#1154268).\n\n - scsi: lpfc: Update async event logging (bsc#1154521).\n\n - scsi: lpfc: Update lpfc version to 12.4.0.1\n (bsc#1154521).\n\n - scsi: qedf: fc_rport_priv reference counting fixes\n (bsc#1098291).\n\n - scsi: qedf: Modify abort and tmf handler to handle edge\n condition and flush (bsc#1098291).\n\n - scsi: qla2xxx: Add error handling for PLOGI ELS\n passthrough (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Capture FW dump on MPI heartbeat stop\n event (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Check for MB timeout while capturing\n ISP27/28xx FW dump (bsc#1143706 bsc#1082635\n bsc#1123034).\n\n - scsi: qla2xxx: Dual FCP-NVMe target port support\n (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Fix N2N link reset (bsc#1143706\n bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Fix N2N link up fail (bsc#1143706\n bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Fix stale mem access on driver unload\n (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Fix unbound sleep in fcport delete path\n (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Fix wait condition in loop (bsc#1143706\n bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Improve logging for scan thread\n (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Optimize NPIV tear down process\n (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: remove redundant assignment to pointer\n host (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Remove WARN_ON_ONCE in\n qla2x00_status_cont_entry() (bsc#1143706 bsc#1082635\n bsc#1123034).\n\n - scsi: qla2xxx: Set remove flag for all VP (bsc#1143706\n bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Silence fwdump template message\n (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: qla2xxx: Update driver version to 10.01.00.20-k\n (bsc#1143706 bsc#1082635 bsc#1123034).\n\n - scsi: storvsc: setup 1:1 mapping between hardware queue\n and CPU queue (bsc#1140729).\n\n - sctp: Fix the link time qualifier of\n 'sctp_ctrlsock_exit()' (networking-stable-19_09_15).\n\n - sctp: use transport pf_retrans in\n sctp_do_8_2_transport_strike\n (networking-stable-19_09_15).\n\n - Sign non-x86 kernels when possible (boo#1134303)\n\n - skge: fix checksum byte order\n (networking-stable-19_09_30).\n\n - sock_diag: fix autoloading of the raw_diag module\n (bsc#1152791).\n\n - sock_diag: request _diag module only when the family or\n proto has been registered (bsc#1152791).\n\n - staging: bcm2835-audio: Fix draining behavior regression\n (bsc#1111666).\n\n - staging: vt6655: Fix memory leak in vt6655_probe\n (bsc#1051510).\n\n - staging: wlan-ng: fix exit return when sme->key_idx >=\n NUM_WEPKEYS (bsc#1051510).\n\n - tcp: Do not dequeue SYN/FIN-segments from write-queue\n (git-gixes).\n\n - tcp: fix tcp_ecn_withdraw_cwr() to clear\n TCP_ECN_QUEUE_CWR (networking-stable-19_09_15).\n\n - tcp: inherit timestamp on mtu probe\n (networking-stable-19_09_05).\n\n - tcp: remove empty skb from write queue in error cases\n (networking-stable-19_09_05).\n\n - thermal: Fix use-after-free when unregistering thermal\n zone device (bsc#1051510).\n\n - thermal_hwmon: Sanitize thermal_zone type (bsc#1051510).\n\n - tipc: add NULL pointer check before calling kfree_rcu\n (networking-stable-19_09_15).\n\n - tipc: fix unlimited bundling of small messages\n (networking-stable-19_10_05).\n\n - tracing: Initialize iter->seq after zeroing in\n tracing_read_pipe() (bsc#1151508).\n\n - tun: fix use-after-free when register netdev failed\n (networking-stable-19_09_15).\n\n - tuntap: correctly set SOCKWQ_ASYNC_NOSPACE\n (bsc#1145099).\n\n - Update\n patches.suse/NFSv4-Check-the-return-value-of-update_open\n _stateid.patch (boo#1154189 bsc#1154747).\n\n - usb: adutux: fix NULL-derefs on disconnect\n (bsc#1142635).\n\n - usb: adutux: fix use-after-free on disconnect\n (bsc#1142635).\n\n - usb: adutux: fix use-after-free on release\n (bsc#1051510).\n\n - usb: chaoskey: fix use-after-free on release\n (bsc#1051510).\n\n - usb: dummy-hcd: fix power budget for SuperSpeed mode\n (bsc#1051510).\n\n - usb: iowarrior: fix use-after-free after driver unbind\n (bsc#1051510).\n\n - usb: iowarrior: fix use-after-free on disconnect\n (bsc#1051510).\n\n - usb: iowarrior: fix use-after-free on release\n (bsc#1051510).\n\n - usb: ldusb: fix memleak on disconnect (bsc#1051510).\n\n - usb: ldusb: fix NULL-derefs on driver unbind\n (bsc#1051510).\n\n - usb: ldusb: fix read info leaks (bsc#1051510).\n\n - usb: legousbtower: fix a signedness bug in tower_probe()\n (bsc#1051510).\n\n - usb: legousbtower: fix deadlock on disconnect\n (bsc#1142635).\n\n - usb: legousbtower: fix memleak on disconnect\n (bsc#1051510).\n\n - usb: legousbtower: fix open after failed reset request\n (bsc#1142635).\n\n - usb: legousbtower: fix potential NULL-deref on\n disconnect (bsc#1142635).\n\n - usb: legousbtower: fix slab info leak at probe\n (bsc#1142635).\n\n - usb: legousbtower: fix use-after-free on release\n (bsc#1051510).\n\n - usb: microtek: fix info-leak at probe (bsc#1142635).\n\n - usbnet: ignore endpoints with invalid wMaxPacketSize\n (bsc#1051510).\n\n - usbnet: sanity checking of packet sizes and device mtu\n (bsc#1051510).\n\n - usb: serial: fix runtime PM after driver unbind\n (bsc#1051510).\n\n - usb: serial: ftdi_sio: add device IDs for Sienna and\n Echelon PL-20 (bsc#1051510).\n\n - usb: serial: keyspan: fix NULL-derefs on open() and\n write() (bsc#1051510).\n\n - usb: serial: option: add support for Cinterion CLS8\n devices (bsc#1051510).\n\n - usb: serial: option: add Telit FN980 compositions\n (bsc#1051510).\n\n - usb: serial: ti_usb_3410_5052: fix port-close races\n (bsc#1051510).\n\n - usb: udc: lpc32xx: fix bad bit shift operation\n (bsc#1051510).\n\n - usb: usblcd: fix I/O after disconnect (bsc#1142635).\n\n - usb: usblp: fix runtime PM after driver unbind\n (bsc#1051510).\n\n - usb: usblp: fix use-after-free on disconnect\n (bsc#1051510).\n\n - usb: usb-skeleton: fix NULL-deref on disconnect\n (bsc#1051510).\n\n - usb: usb-skeleton: fix runtime PM after driver unbind\n (bsc#1051510).\n\n - usb: usb-skeleton: fix use-after-free after driver\n unbind (bsc#1051510).\n\n - usb: xhci: wait for CNR controller not ready bit in xhci\n resume (bsc#1051510).\n\n - usb: yurex: Do not retry on unexpected errors\n (bsc#1051510).\n\n - usb: yurex: fix NULL-derefs on disconnect (bsc#1051510).\n\n - vfio_pci: Restore original state on release\n (bsc#1051510).\n\n - vhost_net: conditionally enable tx polling\n (bsc#1145099).\n\n - video: of: display_timing: Add of_node_put() in\n of_get_display_timing() (bsc#1051510).\n\n - vsock: Fix a lockdep warning in __vsock_release()\n (networking-stable-19_10_05).\n\n - watchdog: imx2_wdt: fix min() calculation in\n imx2_wdt_set_timeout (bsc#1051510).\n\n - x86/asm: Fix MWAITX C-state hint value (bsc#1114279).\n\n - x86/boot/64: Make level2_kernel_pgt pages invalid\n outside kernel area (bnc#1153969).\n\n - x86/boot/64: Round memory hole size up to next PMD page\n (bnc#1153969).\n\n - x86/mm: Use WRITE_ONCE() when setting PTEs\n (bsc#1114279).\n\n - xen/netback: fix error path of xenvif_connect_data()\n (bsc#1065600).\n\n - xen/pv: Fix Xen PV guest int3 handling (bsc#1153811).\n\n - xhci: Check all endpoints for LPM timeout (bsc#1051510).\n\n - xhci: Fix false warning message about wrong bounce\n buffer write length (bsc#1051510).\n\n - xhci: Increase STS_SAVE timeout in xhci_suspend()\n (bsc#1051510).\n\n - xhci: Prevent device initiated U1/U2 link pm if exit\n latency is too long (bsc#1051510).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1046299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1046303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1046305\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1050244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1050536\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1050545\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1055186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1061840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1064802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1065600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1066129\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1073513\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1082635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1083647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1086323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1087092\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1089644\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1093205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097583\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097584\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097585\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097586\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097587\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097588\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1098291\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101674\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113994\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117665\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1123034\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1123080\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1133140\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1134303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1135642\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1135854\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1135873\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1137040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1137799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1137861\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140845\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140883\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1141600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142635\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1143706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1144338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1144375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1144449\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1145099\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1146612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1148410\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1149853\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150452\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150457\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150465\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1150875\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1151508\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1151807\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152033\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152624\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152790\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1152791\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153112\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153236\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153263\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153476\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153509\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153607\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153646\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153717\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153718\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153719\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153811\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153969\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154189\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154242\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154268\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154354\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154372\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154578\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154607\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154608\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154611\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154651\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154737\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154747\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154848\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1155178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1155179\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1155184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1155186\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-17666\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-base-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-base-debuginfo-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-debuginfo-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-debugsource-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-devel-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-debug-devel-debuginfo-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-base-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-base-debuginfo-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-debuginfo-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-debugsource-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-devel-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-default-devel-debuginfo-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-devel-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-docs-html-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-base-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-base-debuginfo-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-debuginfo-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-debugsource-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-devel-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-kvmsmall-devel-debuginfo-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-macros-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-obs-build-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-obs-build-debugsource-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-obs-qa-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-source-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-source-vanilla-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-syms-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-base-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-debuginfo-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-debugsource-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-devel-4.12.14-lp151.28.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"kernel-vanilla-devel-debuginfo-4.12.14-lp151.28.25.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-debug-base / kernel-debug-base-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:50", "description": "The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2017-18595: A double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c (bnc#1149555).\n\nCVE-2019-14821: An out-of-bounds access issue was found in the way Linux kernel's KVM hypervisor implements the coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system (bnc#1151350).\n\nCVE-2019-15291: There was a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function in the drivers/media/usb/b2c2/flexcop-usb.c driver (bnc#1146540).\n\nCVE-2019-9506: The Bluetooth BR/EDR specification up to and including version 5.1 permitted sufficiently low encryption key length and did not prevent an attacker from influencing the key length negotiation.\nThis allowed practical brute-force attacks (aka 'KNOB') that could decrypt traffic and injected arbitrary ciphertext without the victim noticing (bnc#1137865 bnc#1146042).\n\nCVE-2019-16232: Fixed a NULL pointer dereference in drivers/net/wireless/marvell/libertas/if_sdio.c, which did not check the alloc_workqueue return value (bnc#1150465).\n\nCVE-2019-16234: Fixed a NULL pointer dereference in drivers/net/wireless/intel/iwlwifi/pcie/trans.c, which did not check the alloc_workqueue return value (bnc#1150452).\n\nCVE-2019-17056: Added enforcement of CAP_NET_RAW in llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module, the lack of which allowed unprivileged users to create a raw socket, aka CID-3a359798b176 (bnc#1152788).\n\nCVE-2019-17133: Fixed a buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c caused by long SSID IEs (bsc#1153158).\n\nCVE-2019-17666: Added an upper-bound check in rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c, the lack of which could have led to a buffer overflow (bnc#1154372).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-01T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:2879-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18595", "CVE-2019-14821", "CVE-2019-15291", "CVE-2019-16232", "CVE-2019-16234", "CVE-2019-17056", "CVE-2019-17133", "CVE-2019-17666", "CVE-2019-9506"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-2879-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130452", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2879-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130452);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2017-18595\",\n \"CVE-2019-9506\",\n \"CVE-2019-14821\",\n \"CVE-2019-15291\",\n \"CVE-2019-16232\",\n \"CVE-2019-16234\",\n \"CVE-2019-17056\",\n \"CVE-2019-17133\",\n \"CVE-2019-17666\"\n );\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:2879-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various\nsecurity and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2017-18595: A double free may be caused by the function\nallocate_trace_buffer in the file kernel/trace/trace.c (bnc#1149555).\n\nCVE-2019-14821: An out-of-bounds access issue was found in the way\nLinux kernel's KVM hypervisor implements the coalesced MMIO write\noperation. It operates on an MMIO ring buffer 'struct\nkvm_coalesced_mmio' object, wherein write indices 'ring->first' and\n'ring->last' value could be supplied by a host user-space process. An\nunprivileged host user or process with access to '/dev/kvm' device\ncould use this flaw to crash the host kernel, resulting in a denial of\nservice or potentially escalating privileges on the system\n(bnc#1151350).\n\nCVE-2019-15291: There was a NULL pointer dereference caused by a\nmalicious USB device in the flexcop_usb_probe function in the\ndrivers/media/usb/b2c2/flexcop-usb.c driver (bnc#1146540).\n\nCVE-2019-9506: The Bluetooth BR/EDR specification up to and including\nversion 5.1 permitted sufficiently low encryption key length and did\nnot prevent an attacker from influencing the key length negotiation.\nThis allowed practical brute-force attacks (aka 'KNOB') that could\ndecrypt traffic and injected arbitrary ciphertext without the victim\nnoticing (bnc#1137865 bnc#1146042).\n\nCVE-2019-16232: Fixed a NULL pointer dereference in\ndrivers/net/wireless/marvell/libertas/if_sdio.c, which did not check\nthe alloc_workqueue return value (bnc#1150465).\n\nCVE-2019-16234: Fixed a NULL pointer dereference in\ndrivers/net/wireless/intel/iwlwifi/pcie/trans.c, which did not check\nthe alloc_workqueue return value (bnc#1150452).\n\nCVE-2019-17056: Added enforcement of CAP_NET_RAW in llcp_sock_create\nin net/nfc/llcp_sock.c in the AF_NFC network module, the lack of which\nallowed unprivileged users to create a raw socket, aka\nCID-3a359798b176 (bnc#1152788).\n\nCVE-2019-17133: Fixed a buffer overflow in cfg80211_mgd_wext_giwessid\nin net/wireless/wext-sme.c caused by long SSID IEs (bsc#1153158).\n\nCVE-2019-17666: Added an upper-bound check in rtl_p2p_noa_ie in\ndrivers/net/wireless/realtek/rtlwifi/ps.c, the lack of which could\nhave led to a buffer overflow (bnc#1154372).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1046299\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1046303\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1046305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050244\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050545\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1054914\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1055117\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1055186\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1061840\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1064802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065600\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1066129\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1071995\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073513\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086323\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087092\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1093205\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097583\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097584\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097585\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097586\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097587\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1098291\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101674\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104967\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114279\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117665\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119086\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1122363\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123034\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127988\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1131304\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134303\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135642\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135854\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135873\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137799\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137861\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137865\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140845\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140883\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141600\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142076\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144375\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144449\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145099\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146042\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146519\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146540\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146664\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148133\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148410\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148712\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148868\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149313\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149446\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150423\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150452\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150875\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151350\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151508\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151610\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151671\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151680\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151891\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151955\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152024\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152025\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152026\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152161\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152325\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152457\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152460\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152466\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152791\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152975\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153112\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153263\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153717\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153718\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153811\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154189\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154354\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154372\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154578\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154607\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154608\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154610\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154611\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-18595/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-14821/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-15291/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16232/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16234/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-17056/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-17133/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-17666/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-9506/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192879-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?23636ee0\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch\nSUSE-SLE-WE-12-SP4-2019-2879=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-2879=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-2879=1\n\nSUSE Linux Enterprise Live Patching 12-SP4:zypper in -t patch\nSUSE-SLE-Live-Patching-12-SP4-2019-2879=1\n\nSUSE Linux Enterprise High Availability 12-SP4:zypper in -t patch\nSUSE-SLE-HA-12-SP4-2019-2879=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-2879=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-17666\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-17133\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-devel-debuginfo-4.12.14-95.37.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-default-man-4.12.14-95.37.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-4.12.14-95.37.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-base-4.12.14-95.37.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-base-debuginfo-4.12.14-95.37.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-debuginfo-4.12.14-95.37.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-debugsource-4.12.14-95.37.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-default-devel-4.12.14-95.37.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"kernel-syms-4.12.14-95.37.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-4.12.14-95.37.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-4.12.14-95.37.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-4.12.14-95.37.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-devel-4.12.14-95.37.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-devel-debuginfo-4.12.14-95.37.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-extra-4.12.14-95.37.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-default-extra-debuginfo-4.12.14-95.37.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-syms-4.12.14-95.37.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-27T15:50:58", "description": "The SUSE Linux Enterprise 15-SP1 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional.\n\nThe Linux Kernel kvm hypervisor was adjusted to avoid page size changes in executable pages by splitting / merging huge pages into small pages as needed. More information can be found on https://www.suse.com/support/kb/doc/?id=7023735 CVE-2019-11135:\nAborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described 'Microarchitectural Data Sampling' attack.\n\nThe Linux kernel was supplemented with the option to disable TSX operation altogether (requiring CPU Microcode updates on older systems) and better flushing of microarchitectural buffers (VERW).\n\nThe set of options available is described in our TID at https://www.suse.com/support/kb/doc/?id=7024251 CVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if hsr_add_port failed to add a port, which may have caused denial of service (bsc#1152685).\n\nCVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference.\n(bsc#1150457).\n\nCVE-2019-10220: Added sanity checks on the pathnames passed to the user space. (bsc#1144903).\n\nCVE-2019-17666: rtlwifi: Fix potential overflow in P2P code (bsc#1154372).\n\nCVE-2019-16232: Fix a potential NULL pointer dereference in the Marwell libertas driver (bsc#1150465).\n\nCVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#1150452).\n\nCVE-2019-17133: cfg80211 wireless extension did not reject a long SSID IE, leading to a Buffer Overflow (bsc#1153158).\n\nCVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW, which meant that unprivileged users could create a raw socket (bsc#1152788).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-13T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2947-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-10220", "CVE-2019-11135", "CVE-2019-16232", "CVE-2019-16233", "CVE-2019-16234", "CVE-2019-16995", "CVE-2019-17056", "CVE-2019-17133", "CVE-2019-17666"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-kvmsmall-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-debugsource", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-devel", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-obs-build", "p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource", "p-cpe:/a:novell:suse_linux:kernel-obs-qa", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-vanilla", "p-cpe:/a:novell:suse_linux:kernel-vanilla-base", "p-cpe:/a:novell:suse_linux:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-debugsource", "p-cpe:/a:novell:suse_linux:kernel-vanilla-devel", "p-cpe:/a:novell:suse_linux:kernel-vanilla-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debugsource", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-man", "p-cpe:/a:novell:suse_linux:kselftests-kmp-default", "p-cpe:/a:novell:suse_linux:kselftests-kmp-default-debuginfo", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:kernel-debug", "p-cpe:/a:novell:suse_linux:kernel-debug-base", "p-cpe:/a:novell:suse_linux:kernel-debug-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-debug-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-debug-debugsource", "p-cpe:/a:novell:suse_linux:kernel-debug-devel", "p-cpe:/a:novell:suse_linux:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-debug-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-livepatch", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall", "p-cpe:/a:novell:suse_linux:kernel-kvmsmall-base"], "id": "SUSE_SU-2019-2947-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130947", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2947-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130947);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2018-12207\",\n \"CVE-2019-10220\",\n \"CVE-2019-11135\",\n \"CVE-2019-16232\",\n \"CVE-2019-16233\",\n \"CVE-2019-16234\",\n \"CVE-2019-16995\",\n \"CVE-2019-17056\",\n \"CVE-2019-17133\",\n \"CVE-2019-17666\"\n );\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2947-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The SUSE Linux Enterprise 15-SP1 kernel was updated to receive various\nsecurity and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit\na race condition in the Instruction Fetch Unit of the Intel CPU to\ncause a Machine Exception during Page Size Change, causing the CPU\ncore to be non-functional.\n\nThe Linux Kernel kvm hypervisor was adjusted to avoid page size\nchanges in executable pages by splitting / merging huge pages into\nsmall pages as needed. More information can be found on\nhttps://www.suse.com/support/kb/doc/?id=7023735 CVE-2019-11135:\nAborting an asynchronous TSX operation on Intel CPUs with\nTransactional Memory support could be used to facilitate sidechannel\ninformation leaks out of microarchitectural buffers, similar to the\npreviously described 'Microarchitectural Data Sampling' attack.\n\nThe Linux kernel was supplemented with the option to disable\nTSX operation altogether (requiring CPU Microcode updates on\nolder systems) and better flushing of microarchitectural\nbuffers (VERW).\n\nThe set of options available is described in our TID at\nhttps://www.suse.com/support/kb/doc/?id=7024251\nCVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if\nhsr_add_port failed to add a port, which may have caused\ndenial of service (bsc#1152685).\n\nCVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the\nalloc_workqueue return value, leading to a NULL pointer dereference.\n(bsc#1150457).\n\nCVE-2019-10220: Added sanity checks on the pathnames passed to the\nuser space. (bsc#1144903).\n\nCVE-2019-17666: rtlwifi: Fix potential overflow in P2P code\n(bsc#1154372).\n\nCVE-2019-16232: Fix a potential NULL pointer dereference in the\nMarwell libertas driver (bsc#1150465).\n\nCVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue\nreturn value, leading to a NULL pointer dereference. (bsc#1150452).\n\nCVE-2019-17133: cfg80211 wireless extension did not reject a long SSID\nIE, leading to a Buffer Overflow (bsc#1153158).\n\nCVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW,\nwhich meant that unprivileged users could create a raw socket\n(bsc#1152788).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1046299\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1046303\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1046305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050244\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050545\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1055186\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1061840\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1064802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065600\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1066129\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073513\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083647\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086323\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087092\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1093205\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1096254\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097583\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097584\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097585\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097586\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097587\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1098291\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101674\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112178\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114279\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117665\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119461\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123034\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134303\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135642\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135854\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135873\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135967\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137040\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137799\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137861\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1138190\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1139073\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140090\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140845\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140883\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141600\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143706\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144375\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144449\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144903\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145099\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146612\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148410\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149119\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149853\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150452\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150457\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150875\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151508\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151807\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152033\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152624\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152665\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152685\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152696\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152697\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152791\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153112\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153263\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153509\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153607\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153681\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153717\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153718\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153811\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153969\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154189\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154242\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154268\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154354\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154372\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154521\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154578\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154607\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154608\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154610\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154611\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154848\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154905\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154956\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155061\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155178\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155179\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155184\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155186\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155671\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=802154\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=814594\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=919448\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=987367\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=998153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-12207/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-10220/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-11135/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16232/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16233/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16234/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16995/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-17056/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-17133/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-17666/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/support/kb/doc/?id=7023735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/support/kb/doc/?id=7024251\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192947-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6f4bae99\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 15-SP1:zypper in -t patch\nSUSE-SLE-Product-WE-15-SP1-2019-2947=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2947=1\n\nSUSE Linux Enterprise Module for Live Patching 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Live-Patching-15-SP1-2019-2947=1\n\nSUSE Linux Enterprise Module for Legacy Software 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Legacy-15-SP1-2019-2947=1\n\nSUSE Linux Enterprise Module for Development Tools 15-SP1:zypper in -t\npatch SUSE-SLE-Module-Development-Tools-15-SP1-2019-2947=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2019-2947=1\n\nSUSE Linux Enterprise High Availability 15-SP1:zypper in -t patch\nSUSE-SLE-Product-HA-15-SP1-2019-2947=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10220\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-17133\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-debug-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-livepatch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-kvmsmall-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-base-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-debugsource-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-livepatch-devel-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-base-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-base-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-debugsource-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-devel-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-devel-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-livepatch-devel-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-livepatch-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-man-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debugsource-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-man-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-base-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-base-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-debugsource-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-devel-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-default-devel-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-obs-build-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-obs-build-debugsource-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-obs-qa-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-syms-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-base-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-debugsource-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-devel-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-devel-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kernel-vanilla-livepatch-devel-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kselftests-kmp-default-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"kselftests-kmp-default-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"reiserfs-kmp-default-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"reiserfs-kmp-default-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-base-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-debugsource-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-livepatch-devel-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-base-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-base-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-debugsource-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-devel-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-devel-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-kvmsmall-livepatch-devel-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-livepatch-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-man-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debugsource-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-zfcpdump-man-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-base-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-base-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-debugsource-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-devel-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-default-devel-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-obs-build-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-obs-build-debugsource-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-obs-qa-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-syms-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-base-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-debugsource-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-devel-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-devel-debuginfo-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kernel-vanilla-livepatch-devel-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kselftests-kmp-default-4.12.14-197.26.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"kselftests-kmp-default-debuginfo-4.12.14-197.26.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:25", "description": "Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash).\n(CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service.\n(CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098)\n\nOri Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052)\n\nOri Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053)\n\nOri Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054)\n\nOri Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055)\n\nOri Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056)\n\nNico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2019-17666).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-13T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4185-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-0154", "CVE-2019-0155", "CVE-2019-11135", "CVE-2019-15098", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056", "CVE-2019-17666"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-4.15", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-4185-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130965", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4185-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130965);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-11135\", \"CVE-2019-15098\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\");\n script_xref(name:\"USN\", value:\"4185-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4185-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro\nFrigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi\nMaisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van\nBulck discovered that Intel processors using Transactional\nSynchronization Extensions (TSX) could expose memory contents\npreviously stored in microarchitectural buffers to a malicious process\nthat is executing on the same CPU core. A local attacker could use\nthis to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed\nuserspace to modify page table entries via writes to MMIO from the\nBlitter Command Streamer and expose kernel memory information. A local\nattacker could use this to expose sensitive information or possibly\nelevate privileges. (CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux\nkernel did not properly perform invalidation on page table updates by\nvirtual guest operating systems. A local attacker in a guest VM could\nuse this to cause a denial of service (host system crash).\n(CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a\nsystem hang when userspace performed a read from GT memory mapped\ninput output (MMIO) when the product is in certain low power states. A\nlocal attacker could use this to cause a denial of service.\n(CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver\nfor the Linux kernel did not properly validate endpoint descriptors\nreturned by the device. A physically proximate attacker could use this\nto cause a denial of service (system crash). (CVE-2019-15098)\n\nOri Nimron discovered that the AX25 network protocol implementation in\nthe Linux kernel did not properly perform permissions checks. A local\nattacker could use this to create a raw socket. (CVE-2019-17052)\n\nOri Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network\nprotocol implementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17053)\n\nOri Nimron discovered that the Appletalk network protocol\nimplementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17054)\n\nOri Nimron discovered that the modular ISDN network protocol\nimplementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17055)\n\nOri Nimron discovered that the Near field Communication (NFC) network\nprotocol implementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17056)\n\nNico Waisman discovered that a buffer overflow existed in the Realtek\nWi-Fi driver for the Linux kernel when handling Notice of Absence\nframes. A physically proximate attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code.\n(CVE-2019-17666).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4185-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-4.15\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-11135\", \"CVE-2019-15098\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4185-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-1029-oracle\", pkgver:\"4.15.0-1029.32~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-1049-gcp\", pkgver:\"4.15.0-1049.52\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-1054-aws\", pkgver:\"4.15.0-1054.56~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-1063-azure\", pkgver:\"4.15.0-1063.68\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-69-generic\", pkgver:\"4.15.0-69.78~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-69-generic-lpae\", pkgver:\"4.15.0-69.78~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-69-lowlatency\", pkgver:\"4.15.0-69.78~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws-hwe\", pkgver:\"4.15.0.1054.54\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-azure\", pkgver:\"4.15.0.1063.66\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-gcp\", pkgver:\"4.15.0.1049.63\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-hwe-16.04\", pkgver:\"4.15.0.69.89\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae-hwe-16.04\", pkgver:\"4.15.0.69.89\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-gke\", pkgver:\"4.15.0.1049.63\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency-hwe-16.04\", pkgver:\"4.15.0.69.89\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-oem\", pkgver:\"4.15.0.69.89\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-oracle\", pkgver:\"4.15.0.1029.22\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-virtual-hwe-16.04\", pkgver:\"4.15.0.69.89\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1029-oracle\", pkgver:\"4.15.0-1029.32\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1048-gke\", pkgver:\"4.15.0-1048.51\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1050-kvm\", pkgver:\"4.15.0-1050.50\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1054-aws\", pkgver:\"4.15.0-1054.56\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1063-oem\", pkgver:\"4.15.0-1063.72\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-69-generic\", pkgver:\"4.15.0-69.78\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-69-generic-lpae\", pkgver:\"4.15.0-69.78\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-69-lowlatency\", pkgver:\"4.15.0-69.78\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-aws\", pkgver:\"4.15.0.1054.55\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-aws-lts-18.04\", pkgver:\"4.15.0.1054.55\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic\", pkgver:\"4.15.0.69.71\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.15.0.69.71\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gke\", pkgver:\"4.15.0.1048.51\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gke-4.15\", pkgver:\"4.15.0.1048.51\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-kvm\", pkgver:\"4.15.0.1050.50\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.15.0.69.71\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-oem\", pkgver:\"4.15.0.1063.67\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-oracle\", pkgver:\"4.15.0.1029.34\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-oracle-lts-18.04\", pkgver:\"4.15.0.1029.34\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-virtual\", pkgver:\"4.15.0.69.71\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.15-aws / linux-image-4.15-azure / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-27T15:51:00", "description": "USN-4185-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems.\nAlso, the update introduced a regression that broke KVM guests where extended page tables (EPT) are disabled or not supported. This update addresses both issues.\n\nWe apologize for the inconvenience.\n\nStephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash).\n(CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service.\n(CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098)\n\nOri Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052)\n\nOri Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053)\n\nOri Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054)\n\nOri Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055)\n\nOri Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056)\n\nNico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2019-17666).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-14T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerability and regression (USN-4185-3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-0154", "CVE-2019-0155", "CVE-2019-11135", "CVE-2019-15098", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056", "CVE-2019-17666"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-4185-3.NASL", "href": "https://www.tenable.com/plugins/nessus/131013", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4185-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131013);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-11135\", \"CVE-2019-15098\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\");\n script_xref(name:\"USN\", value:\"4185-3\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerability and regression (USN-4185-3)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-4185-1 fixed vulnerabilities in the Linux kernel. It was\ndiscovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter\nCommand Streamer check) was incomplete on 64-bit Intel x86 systems.\nAlso, the update introduced a regression that broke KVM guests where\nextended page tables (EPT) are disabled or not supported. This update\naddresses both issues.\n\nWe apologize for the inconvenience.\n\nStephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro\nFrigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi\nMaisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van\nBulck discovered that Intel processors using Transactional\nSynchronization Extensions (TSX) could expose memory contents\npreviously stored in microarchitectural buffers to a malicious process\nthat is executing on the same CPU core. A local attacker could use\nthis to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed\nuserspace to modify page table entries via writes to MMIO from the\nBlitter Command Streamer and expose kernel memory information. A local\nattacker could use this to expose sensitive information or possibly\nelevate privileges. (CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux\nkernel did not properly perform invalidation on page table updates by\nvirtual guest operating systems. A local attacker in a guest VM could\nuse this to cause a denial of service (host system crash).\n(CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a\nsystem hang when userspace performed a read from GT memory mapped\ninput output (MMIO) when the product is in certain low power states. A\nlocal attacker could use this to cause a denial of service.\n(CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver\nfor the Linux kernel did not properly validate endpoint descriptors\nreturned by the device. A physically proximate attacker could use this\nto cause a denial of service (system crash). (CVE-2019-15098)\n\nOri Nimron discovered that the AX25 network protocol implementation in\nthe Linux kernel did not properly perform permissions checks. A local\nattacker could use this to create a raw socket. (CVE-2019-17052)\n\nOri Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network\nprotocol implementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17053)\n\nOri Nimron discovered that the Appletalk network protocol\nimplementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17054)\n\nOri Nimron discovered that the modular ISDN network protocol\nimplementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17055)\n\nOri Nimron discovered that the Near field Communication (NFC) network\nprotocol implementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17056)\n\nNico Waisman discovered that a buffer overflow existed in the Realtek\nWi-Fi driver for the Linux kernel when handling Notice of Absence\nframes. A physically proximate attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code.\n(CVE-2019-17666).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4185-3/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-11135\", \"CVE-2019-15098\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4185-3\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-70-generic\", pkgver:\"4.15.0-70.79~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-70-generic-lpae\", pkgver:\"4.15.0-70.79~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-70-lowlatency\", pkgver:\"4.15.0-70.79~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-hwe-16.04\", pkgver:\"4.15.0.70.90\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae-hwe-16.04\", pkgver:\"4.15.0.70.90\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency-hwe-16.04\", pkgver:\"4.15.0.70.90\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-oem\", pkgver:\"4.15.0.70.90\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-virtual-hwe-16.04\", pkgver:\"4.15.0.70.90\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1064-oem\", pkgver:\"4.15.0-1064.73\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-70-generic\", pkgver:\"4.15.0-70.79\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-70-generic-lpae\", pkgver:\"4.15.0-70.79\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-70-lowlatency\", pkgver:\"4.15.0-70.79\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic\", pkgver:\"4.15.0.70.72\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.15.0.70.72\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.15.0.70.72\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-oem\", pkgver:\"4.15.0.1064.68\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-virtual\", pkgver:\"4.15.0.70.72\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.15-generic / linux-image-4.15-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-27T15:50:58", "description": "The SUSE Linux Enterprise 15-SP1 Azure Kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional.\n\nThe Linux Kernel kvm hypervisor was adjusted to avoid page size changes in executable pages by splitting / merging huge pages into small pages as More information can be found on https://www.suse.com/support/kb/doc/?id=7023735 (bnc#1117665 1152505 1155812 1155817 1155945) CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described 'Microarchitectural Data Sampling' attack.\n\nThe Linux kernel was supplemented with the option to disable TSX operation altogether (requiring CPU Microcode updates on older systems) and better flushing of microarchitectural buffers (VERW).\n\nThe set of options available is described in our TID at https://www.suse.com/support/kb/doc/?id=7024251 (bnc#1139073 1152497 1152505 1152506). CVE-2019-18805: There was a signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6 (bnc#1156187).\n\nCVE-2019-17055: The AF_NFC network module did not enforce CAP_NET_RAW, which meant that unprivileged users could create a raw socket (bnc#1152782).\n\nCVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if hsr_add_port failed to add a port, which may have caused denial of service (bsc#1152685).\n\nCVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference.\n(bsc#1150457).\n\nCVE-2019-10220: Added sanity checks on the pathnames passed to the user space. (bsc#1144903).\n\nCVE-2019-17666: rtlwifi: Fix potential overflow in P2P code (bsc#1154372).\n\nCVE-2019-16232: Fix a potential NULL pointer dereference in the Marwell libertas driver (bsc#1150465).\n\nCVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#1150452).\n\nCVE-2019-17133: cfg80211 wireless extension did not reject a long SSID IE, leading to a Buffer Overflow (bsc#1153158).\n\nCVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW, which meant that unprivileged users could create a raw socket (bsc#1152788).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-13T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2953-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-10220", "CVE-2019-11135", "CVE-2019-16232", "CVE-2019-16233", "CVE-2019-16234", "CVE-2019-16995", "CVE-2019-17055", "CVE-2019-17056", "CVE-2019-17133", "CVE-2019-17666", "CVE-2019-18805"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-azure", "p-cpe:/a:novell:suse_linux:kernel-azure-base", "p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-azure-debugsource", "p-cpe:/a:novell:suse_linux:kernel-azure-devel", "p-cpe:/a:novell:suse_linux:kernel-syms-azure", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-2953-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130951", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2953-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130951);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2018-12207\",\n \"CVE-2019-10220\",\n \"CVE-2019-11135\",\n \"CVE-2019-16232\",\n \"CVE-2019-16233\",\n \"CVE-2019-16234\",\n \"CVE-2019-16995\",\n \"CVE-2019-17055\",\n \"CVE-2019-17056\",\n \"CVE-2019-17133\",\n \"CVE-2019-17666\",\n \"CVE-2019-18805\"\n );\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:2953-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The SUSE Linux Enterprise 15-SP1 Azure Kernel was updated to receive\nvarious security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit\na race condition in the Instruction Fetch Unit of the Intel CPU to\ncause a Machine Exception during Page Size Change, causing the CPU\ncore to be non-functional.\n\nThe Linux Kernel kvm hypervisor was adjusted to avoid page size\nchanges in executable pages by splitting / merging huge pages into\nsmall pages as More information can be found on\nhttps://www.suse.com/support/kb/doc/?id=7023735 (bnc#1117665 1152505\n1155812 1155817 1155945) CVE-2019-11135: Aborting an asynchronous TSX\noperation on Intel CPUs with Transactional Memory support could be\nused to facilitate sidechannel information leaks out of\nmicroarchitectural buffers, similar to the previously described\n'Microarchitectural Data Sampling' attack.\n\nThe Linux kernel was supplemented with the option to disable\nTSX operation altogether (requiring CPU Microcode updates on\nolder systems) and better flushing of microarchitectural\nbuffers (VERW).\n\nThe set of options available is described in our TID at\nhttps://www.suse.com/support/kb/doc/?id=7024251 (bnc#1139073\n1152497 1152505 1152506). CVE-2019-18805: There was a signed\ninteger overflow in tcp_ack_update_rtt() when userspace\nwrites a very large integer to\n/proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of\nservice or possibly unspecified other impact, aka\nCID-19fad20d15a6 (bnc#1156187).\n\nCVE-2019-17055: The AF_NFC network module did not enforce CAP_NET_RAW,\nwhich meant that unprivileged users could create a raw socket\n(bnc#1152782).\n\nCVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if\nhsr_add_port failed to add a port, which may have caused denial of\nservice (bsc#1152685).\n\nCVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the\nalloc_workqueue return value, leading to a NULL pointer dereference.\n(bsc#1150457).\n\nCVE-2019-10220: Added sanity checks on the pathnames passed to the\nuser space. (bsc#1144903).\n\nCVE-2019-17666: rtlwifi: Fix potential overflow in P2P code\n(bsc#1154372).\n\nCVE-2019-16232: Fix a potential NULL pointer dereference in the\nMarwell libertas driver (bsc#1150465).\n\nCVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue\nreturn value, leading to a NULL pointer dereference. (bsc#1150452).\n\nCVE-2019-17133: cfg80211 wireless extension did not reject a long SSID\nIE, leading to a Buffer Overflow (bsc#1153158).\n\nCVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW,\nwhich meant that unprivileged users could create a raw socket\n(bsc#1152788).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1046299\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1046303\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1046305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050244\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050545\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1055186\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1061840\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1064802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065600\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1066129\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073513\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083647\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086323\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087092\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1093205\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1096254\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097583\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097584\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097585\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097586\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097587\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1098291\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101674\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114279\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117665\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119461\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1122363\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123034\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134303\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135642\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135854\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135873\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135967\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137040\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137799\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137861\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1138190\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1139073\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140090\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140845\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140883\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141600\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143706\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144375\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144449\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144903\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145099\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146612\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148410\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149119\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150452\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150457\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150875\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151225\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151508\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151680\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152497\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152505\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152506\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152624\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152685\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152791\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153112\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153263\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153509\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153681\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153717\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153718\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153811\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153969\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154189\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154354\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154372\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154578\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154607\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154608\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154610\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154611\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154848\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154905\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154956\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155178\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155179\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155184\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155186\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155671\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155692\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155836\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155982\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156187\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=919448\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=987367\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=998153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-12207/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-10220/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-11135/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16232/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16233/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16234/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16995/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-17055/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-17056/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-17133/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-17666/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-18805/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/support/kb/doc/?id=7023735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/support/kb/doc/?id=7024251\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192953-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6873dc02\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-2953=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10220\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-18805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-4.12.14-6.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-base-4.12.14-6.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-base-debuginfo-4.12.14-6.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-debuginfo-4.12.14-6.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-debugsource-4.12.14-6.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-devel-4.12.14-6.29.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-syms-azure-4.12.14-6.29.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:24", "description": "The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional.\n\nThe Linux Kernel kvm hypervisor was adjusted to avoid page size changes in executable pages by splitting / merging huge pages into small pages as needed. More information can be found on https://www.suse.com/support/kb/doc/?id=7023735 CVE-2019-11135:\nAborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described 'Microarchitectural Data Sampling' attack.\n\nThe Linux kernel was supplemented with the option to disable TSX operation altogether (requiring CPU Microcode updates on older systems) and better flushing of microarchitectural buffers (VERW).\n\nThe set of options available is described in our TID at https://www.suse.com/support/kb/doc/?id=7024251 CVE-2019-0154: Fix a local denial of service via read of unprotected i915 registers.\n(bsc#1135966)\n\nCVE-2019-0155: Fix privilege escalation in the i915 driver. Batch buffers from usermode could have escalated privileges via blitter command stream. (bsc#1135967)\n\nCVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference.\n(bsc#1150457).\n\nCVE-2019-10220: Added sanity checks on the pathnames passed to the user space. (bsc#1144903).\n\nCVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if hsr_add_port failed to add a port, which may have caused denial of service (bsc#1152685).\n\nCVE-2019-17666: rtlwifi: Fix potential overflow in P2P code (bsc#1154372).\n\nCVE-2019-16232: Fix a potential NULL pointer dereference in the Marwell libertas driver (bsc#1150465)\n\nCVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#1150452).\n\nCVE-2019-17133: cfg80211 wireless extension did not reject a long SSID IE, leading to a Buffer Overflow (bsc#1153158).\n\nCVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW, which meant that unprivileged users could create a raw socket (bsc#1152788).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-13T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2946-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-0154", "CVE-2019-0155", "CVE-2019-10220", "CVE-2019-11135", "CVE-2019-16232", "CVE-2019-16233", "CVE-2019-16234", "CVE-2019-16995", "CVE-2019-17056", "CVE-2019-17133", "CVE-2019-17666"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-obs-build", "p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource", "p-cpe:/a:novell:suse_linux:kernel-obs-qa", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-vanilla-base", "p-cpe:/a:novell:suse_linux:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-vanilla-debugsource", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debugsource", "p-cpe:/a:novell:suse_linux:kselftests-kmp-default", "p-cpe:/a:novell:suse_linux:kselftests-kmp-default-debuginfo", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-2946-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130946", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2946-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130946);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2018-12207\",\n \"CVE-2019-0154\",\n \"CVE-2019-0155\",\n \"CVE-2019-10220\",\n \"CVE-2019-11135\",\n \"CVE-2019-16232\",\n \"CVE-2019-16233\",\n \"CVE-2019-16234\",\n \"CVE-2019-16995\",\n \"CVE-2019-17056\",\n \"CVE-2019-17133\",\n \"CVE-2019-17666\"\n );\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2946-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The SUSE Linux Enterprise 15 kernel was updated to receive various\nsecurity and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit\na race condition in the Instruction Fetch Unit of the Intel CPU to\ncause a Machine Exception during Page Size Change, causing the CPU\ncore to be non-functional.\n\nThe Linux Kernel kvm hypervisor was adjusted to avoid page size\nchanges in executable pages by splitting / merging huge pages into\nsmall pages as needed. More information can be found on\nhttps://www.suse.com/support/kb/doc/?id=7023735 CVE-2019-11135:\nAborting an asynchronous TSX operation on Intel CPUs with\nTransactional Memory support could be used to facilitate sidechannel\ninformation leaks out of microarchitectural buffers, similar to the\npreviously described 'Microarchitectural Data Sampling' attack.\n\nThe Linux kernel was supplemented with the option to disable TSX\noperation altogether (requiring CPU Microcode updates on older\nsystems) and better flushing of microarchitectural buffers (VERW).\n\nThe set of options available is described in our TID at\nhttps://www.suse.com/support/kb/doc/?id=7024251 CVE-2019-0154: Fix a\nlocal denial of service via read of unprotected i915 registers.\n(bsc#1135966)\n\nCVE-2019-0155: Fix privilege escalation in the i915 driver. Batch\nbuffers from usermode could have escalated privileges via blitter\ncommand stream. (bsc#1135967)\n\nCVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the\nalloc_workqueue return value, leading to a NULL pointer dereference.\n(bsc#1150457).\n\nCVE-2019-10220: Added sanity checks on the pathnames passed to the\nuser space. (bsc#1144903).\n\nCVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if\nhsr_add_port failed to add a port, which may have caused denial of\nservice (bsc#1152685).\n\nCVE-2019-17666: rtlwifi: Fix potential overflow in P2P code\n(bsc#1154372).\n\nCVE-2019-16232: Fix a potential NULL pointer dereference in the\nMarwell libertas driver (bsc#1150465)\n\nCVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue\nreturn value, leading to a NULL pointer dereference. (bsc#1150452).\n\nCVE-2019-17133: cfg80211 wireless extension did not reject a long SSID\nIE, leading to a Buffer Overflow (bsc#1153158).\n\nCVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW,\nwhich meant that unprivileged users could create a raw socket\n(bsc#1152788).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1046299\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1046303\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1046305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050244\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050545\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1055186\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1061840\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1064802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065600\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1066129\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073513\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083647\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086323\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087092\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1093205\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1096254\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097583\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097584\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097585\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097586\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097587\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1098291\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101674\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114279\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117665\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119461\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123034\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134303\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135642\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135854\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135873\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135967\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137040\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137799\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1138190\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1139073\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140090\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140845\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140883\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141600\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143706\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144375\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144449\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144903\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145099\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146612\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148410\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149119\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150452\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150457\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150875\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151508\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152624\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152685\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152791\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153112\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153263\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153509\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153717\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153718\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153811\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153969\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154189\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154354\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154372\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154578\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154607\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154608\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154610\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154611\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154848\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154905\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155178\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155179\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155184\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155186\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155671\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-12207/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-0154/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-0155/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-10220/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-11135/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16232/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16233/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16234/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16995/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-17056/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-17133/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-17666/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/support/kb/doc/?id=7023735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/support/kb/doc/?id=7024251\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192946-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c2c4ec3a\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 15:zypper in -t patch\nSUSE-SLE-Product-WE-15-2019-2946=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-2946=1\n\nSUSE Linux Enterprise Module for Live Patching 15:zypper in -t patch\nSUSE-SLE-Module-Live-Patching-15-2019-2946=1\n\nSUSE Linux Enterprise Module for Legacy Software 15:zypper in -t patch\nSUSE-SLE-Module-Legacy-15-2019-2946=1\n\nSUSE Linux Enterprise Module for Development Tools 15:zypper in -t\npatch SUSE-SLE-Module-Development-Tools-15-2019-2946=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-2946=1\n\nSUSE Linux Enterprise High Availability 15:zypper in -t patch\nSUSE-SLE-Product-HA-15-2019-2946=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10220\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-17133\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-man-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-zfcpdump-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debuginfo-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debugsource-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-default-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-default-base-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-default-base-debuginfo-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-default-debuginfo-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-default-debugsource-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-default-devel-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-default-devel-debuginfo-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-obs-build-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-obs-build-debugsource-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-obs-qa-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-syms-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-vanilla-base-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-vanilla-debuginfo-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kernel-vanilla-debugsource-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kselftests-kmp-default-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"kselftests-kmp-default-debuginfo-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"reiserfs-kmp-default-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"reiserfs-kmp-default-debuginfo-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-man-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-zfcpdump-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debuginfo-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-zfcpdump-debugsource-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-default-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-default-base-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-default-base-debuginfo-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-default-debuginfo-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-default-debugsource-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-default-devel-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-default-devel-debuginfo-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-obs-build-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-obs-build-debugsource-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-obs-qa-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-syms-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-vanilla-base-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-vanilla-debuginfo-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kernel-vanilla-debugsource-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kselftests-kmp-default-4.12.14-150.41.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"kselftests-kmp-default-debuginfo-4.12.14-150.41.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:50", "description": "USN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems.\nThis update addresses the issue.\n\nWe apologize for the inconvenience.\n\nStephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash).\n(CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service.\n(CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098)\n\nIt was discovered that a buffer overflow existed in the 802.11 Wi-Fi configuration interface for the Linux kernel when handling beacon settings. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-16746)\n\nOri Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052)\n\nOri Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053)\n\nOri Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054)\n\nOri Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055)\n\nOri Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056)\n\nNico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2019-17666)\n\nMaddie Stone discovered that the Binder IPC Driver implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-2215).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-14T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : Linux kernel vulnerability (USN-4186-3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-0154", "CVE-2019-0155", "CVE-2019-11135", "CVE-2019-15098", "CVE-2019-16746", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056", "CVE-2019-17666", "CVE-2019-2215"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-4186-3.NASL", "href": "https://www.tenable.com/plugins/nessus/131014", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4186-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131014);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-11135\", \"CVE-2019-15098\", \"CVE-2019-16746\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\", \"CVE-2019-2215\");\n script_xref(name:\"USN\", value:\"4186-3\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n\n script_name(english:\"Ubuntu 16.04 LTS : Linux kernel vulnerability (USN-4186-3)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-4186-1 fixed vulnerabilities in the Linux kernel. It was\ndiscovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter\nCommand Streamer check) was incomplete on 64-bit Intel x86 systems.\nThis update addresses the issue.\n\nWe apologize for the inconvenience.\n\nStephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro\nFrigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi\nMaisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van\nBulck discovered that Intel processors using Transactional\nSynchronization Extensions (TSX) could expose memory contents\npreviously stored in microarchitectural buffers to a malicious process\nthat is executing on the same CPU core. A local attacker could use\nthis to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed\nuserspace to modify page table entries via writes to MMIO from the\nBlitter Command Streamer and expose kernel memory information. A local\nattacker could use this to expose sensitive information or possibly\nelevate privileges. (CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux\nkernel did not properly perform invalidation on page table updates by\nvirtual guest operating systems. A local attacker in a guest VM could\nuse this to cause a denial of service (host system crash).\n(CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a\nsystem hang when userspace performed a read from GT memory mapped\ninput output (MMIO) when the product is in certain low power states. A\nlocal attacker could use this to cause a denial of service.\n(CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver\nfor the Linux kernel did not properly validate endpoint descriptors\nreturned by the device. A physically proximate attacker could use this\nto cause a denial of service (system crash). (CVE-2019-15098)\n\nIt was discovered that a buffer overflow existed in the 802.11 Wi-Fi\nconfiguration interface for the Linux kernel when handling beacon\nsettings. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2019-16746)\n\nOri Nimron discovered that the AX25 network protocol implementation in\nthe Linux kernel did not properly perform permissions checks. A local\nattacker could use this to create a raw socket. (CVE-2019-17052)\n\nOri Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network\nprotocol implementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17053)\n\nOri Nimron discovered that the Appletalk network protocol\nimplementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17054)\n\nOri Nimron discovered that the modular ISDN network protocol\nimplementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17055)\n\nOri Nimron discovered that the Near field Communication (NFC) network\nprotocol implementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17056)\n\nNico Waisman discovered that a buffer overflow existed in the Realtek\nWi-Fi driver for the Linux kernel when handling Notice of Absence\nframes. A physically proximate attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code.\n(CVE-2019-17666)\n\nMaddie Stone discovered that the Binder IPC Driver implementation in\nthe Linux kernel contained a use-after-free vulnerability. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2019-2215).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4186-3/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-17666\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Android Binder Use-After-Free Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-11135\", \"CVE-2019-15098\", \"CVE-2019-16746\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\", \"CVE-2019-2215\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4186-3\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-169-generic\", pkgver:\"4.4.0-169.198\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-169-generic-lpae\", pkgver:\"4.4.0-169.198\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-169-lowlatency\", pkgver:\"4.4.0-169.198\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic\", pkgver:\"4.4.0.169.177\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.4.0.169.177\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.4.0.169.177\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-virtual\", pkgver:\"4.4.0.169.177\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-generic / linux-image-4.4-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:33", "description": "Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash).\n(CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service.\n(CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098)\n\nIt was discovered that a buffer overflow existed in the 802.11 Wi-Fi configuration interface for the Linux kernel when handling beacon settings. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-16746)\n\nOri Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052)\n\nOri Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053)\n\nOri Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054)\n\nOri Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055)\n\nOri Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056)\n\nNico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2019-17666)\n\nMaddie Stone discovered that the Binder IPC Driver implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-2215).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-13T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4186-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-0154", "CVE-2019-0155", "CVE-2019-11135", "CVE-2019-15098", "CVE-2019-16746", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056", "CVE-2019-17666", "CVE-2019-2215"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-4186-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130966", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4186-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130966);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-11135\", \"CVE-2019-15098\", \"CVE-2019-16746\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\", \"CVE-2019-2215\");\n script_xref(name:\"USN\", value:\"4186-1\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n\n script_name(english:\"Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4186-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro\nFrigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi\nMaisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van\nBulck discovered that Intel processors using Transactional\nSynchronization Extensions (TSX) could expose memory contents\npreviously stored in microarchitectural buffers to a malicious process\nthat is executing on the same CPU core. A local attacker could use\nthis to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed\nuserspace to modify page table entries via writes to MMIO from the\nBlitter Command Streamer and expose kernel memory information. A local\nattacker could use this to expose sensitive information or possibly\nelevate privileges. (CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux\nkernel did not properly perform invalidation on page table updates by\nvirtual guest operating systems. A local attacker in a guest VM could\nuse this to cause a denial of service (host system crash).\n(CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a\nsystem hang when userspace performed a read from GT memory mapped\ninput output (MMIO) when the product is in certain low power states. A\nlocal attacker could use this to cause a denial of service.\n(CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver\nfor the Linux kernel did not properly validate endpoint descriptors\nreturned by the device. A physically proximate attacker could use this\nto cause a denial of service (system crash). (CVE-2019-15098)\n\nIt was discovered that a buffer overflow existed in the 802.11 Wi-Fi\nconfiguration interface for the Linux kernel when handling beacon\nsettings. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2019-16746)\n\nOri Nimron discovered that the AX25 network protocol implementation in\nthe Linux kernel did not properly perform permissions checks. A local\nattacker could use this to create a raw socket. (CVE-2019-17052)\n\nOri Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network\nprotocol implementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17053)\n\nOri Nimron discovered that the Appletalk network protocol\nimplementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17054)\n\nOri Nimron discovered that the modular ISDN network protocol\nimplementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17055)\n\nOri Nimron discovered that the Near field Communication (NFC) network\nprotocol implementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17056)\n\nNico Waisman discovered that a buffer overflow existed in the Realtek\nWi-Fi driver for the Linux kernel when handling Notice of Absence\nframes. A physically proximate attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code.\n(CVE-2019-17666)\n\nMaddie Stone discovered that the Binder IPC Driver implementation in\nthe Linux kernel contained a use-after-free vulnerability. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2019-2215).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4186-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-17666\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Android Binder Use-After-Free Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-11135\", \"CVE-2019-15098\", \"CVE-2019-16746\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\", \"CVE-2019-2215\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4186-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1062-kvm\", pkgver:\"4.4.0-1062.69\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1098-aws\", pkgver:\"4.4.0-1098.109\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-168-generic\", pkgver:\"4.4.0-168.197\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-168-generic-lpae\", pkgver:\"4.4.0-168.197\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-168-lowlatency\", pkgver:\"4.4.0-168.197\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws\", pkgver:\"4.4.0.1098.102\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic\", pkgver:\"4.4.0.168.176\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.4.0.168.176\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-kvm\", pkgver:\"4.4.0.1062.62\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.4.0.168.176\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-virtual\", pkgver:\"4.4.0.168.176\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-aws / linux-image-4.4-generic / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:31:00", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559.(CVE-2019-18809)\n\n - A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8.(CVE-2019-18813)\n\n - A memory leak in the ql_alloc_large_buffers() function in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux kernel before 5.3.5 allows local users to cause a denial of service (memory consumption) by triggering pci_dma_mapping_error() failures, aka CID-1acb8f2a7a9f.(CVE-2019-18806)\n\n - drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.(CVE-2019-16234)\n\n - Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access.(CVE-2019-0136)\n\n - An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.(CVE-2019-16746)\n\n - In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.(CVE-2019-17133)\n\n - rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.(CVE-2019-17666)\n\n - An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. The cxgb4 driver is directly calling dma_map_single (a DMA function) from a stack variable.\n This could allow an attacker to trigger a Denial of Service, exploitable if this driver is used on an architecture for which this stack/DMA interaction has security relevance.(CVE-2019-17075)\n\n - ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.(CVE-2019-17052)\n\n - ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.(CVE-2019-17053)\n\n - atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.(CVE-2019-17054)\n\n - base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.(CVE-2019-17055)\n\n - llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.(CVE-2019-17056)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-27T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : kernel (EulerOS-SA-2019-2283)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-0136", "CVE-2019-16234", "CVE-2019-16746", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056", "CVE-2019-17075", "CVE-2019-17133", "CVE-2019-17666", "CVE-2019-18806", "CVE-2019-18809", "CVE-2019-18813"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bpftool", "p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-source", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2283.NASL", "href": "https://www.tenable.com/plugins/nessus/131349", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131349);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2019-0136\",\n \"CVE-2019-16234\",\n \"CVE-2019-16746\",\n \"CVE-2019-17052\",\n \"CVE-2019-17053\",\n \"CVE-2019-17054\",\n \"CVE-2019-17055\",\n \"CVE-2019-17056\",\n \"CVE-2019-17075\",\n \"CVE-2019-17133\",\n \"CVE-2019-17666\",\n \"CVE-2019-18806\",\n \"CVE-2019-18809\",\n \"CVE-2019-18813\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : kernel (EulerOS-SA-2019-2283)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - A memory leak in the af9005_identify_state() function\n in drivers/media/usb/dvb-usb/af9005.c in the Linux\n kernel through 5.3.9 allows attackers to cause a denial\n of service (memory consumption), aka\n CID-2289adbfa559.(CVE-2019-18809)\n\n - A memory leak in the dwc3_pci_probe() function in\n drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through\n 5.3.9 allows attackers to cause a denial of service\n (memory consumption) by triggering\n platform_device_add_properties() failures, aka\n CID-9bbfceea12a8.(CVE-2019-18813)\n\n - A memory leak in the ql_alloc_large_buffers() function\n in drivers/net/ethernet/qlogic/qla3xxx.c in the Linux\n kernel before 5.3.5 allows local users to cause a\n denial of service (memory consumption) by triggering\n pci_dma_mapping_error() failures, aka\n CID-1acb8f2a7a9f.(CVE-2019-18806)\n\n - drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the\n Linux kernel 5.2.14 does not check the alloc_workqueue\n return value, leading to a NULL pointer\n dereference.(CVE-2019-16234)\n\n - Insufficient access control in the Intel(R)\n PROSet/Wireless WiFi Software driver before version\n 21.10 may allow an unauthenticated user to potentially\n enable denial of service via adjacent\n access.(CVE-2019-0136)\n\n - An issue was discovered in net/wireless/nl80211.c in\n the Linux kernel through 5.2.17. It does not check the\n length of variable elements in a beacon head, leading\n to a buffer overflow.(CVE-2019-16746)\n\n - In the Linux kernel through 5.3.2,\n cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c\n does not reject a long SSID IE, leading to a Buffer\n Overflow.(CVE-2019-17133)\n\n - rtl_p2p_noa_ie in\n drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux\n kernel through 5.3.6 lacks a certain upper-bound check,\n leading to a buffer overflow.(CVE-2019-17666)\n\n - An issue was discovered in write_tpt_entry in\n drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel\n through 5.3.2. The cxgb4 driver is directly calling\n dma_map_single (a DMA function) from a stack variable.\n This could allow an attacker to trigger a Denial of\n Service, exploitable if this driver is used on an\n architecture for which this stack/DMA interaction has\n security relevance.(CVE-2019-17075)\n\n - ax25_create in net/ax25/af_ax25.c in the AF_AX25\n network module in the Linux kernel through 5.3.2 does\n not enforce CAP_NET_RAW, which means that unprivileged\n users can create a raw socket, aka\n CID-0614e2b73768.(CVE-2019-17052)\n\n - ieee802154_create in net/ieee802154/socket.c in the\n AF_IEEE802154 network module in the Linux kernel\n through 5.3.2 does not enforce CAP_NET_RAW, which means\n that unprivileged users can create a raw socket, aka\n CID-e69dbd4619e7.(CVE-2019-17053)\n\n - atalk_create in net/appletalk/ddp.c in the AF_APPLETALK\n network module in the Linux kernel through 5.3.2 does\n not enforce CAP_NET_RAW, which means that unprivileged\n users can create a raw socket, aka\n CID-6cc03e8aa36c.(CVE-2019-17054)\n\n - base_sock_create in drivers/isdn/mISDN/socket.c in the\n AF_ISDN network module in the Linux kernel through\n 5.3.2 does not enforce CAP_NET_RAW, which means that\n unprivileged users can create a raw socket, aka\n CID-b91ee4aa2a21.(CVE-2019-17055)\n\n - llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC\n network module in the Linux kernel through 5.3.2 does\n not enforce CAP_NET_RAW, which means that unprivileged\n users can create a raw socket, aka\n CID-3a359798b176.(CVE-2019-17056)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2283\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?751dbe06\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-17666\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-17133\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"bpftool-4.19.36-vhulk1907.1.0.h529.eulerosv2r8\",\n \"kernel-4.19.36-vhulk1907.1.0.h529.eulerosv2r8\",\n \"kernel-devel-4.19.36-vhulk1907.1.0.h529.eulerosv2r8\",\n \"kernel-headers-4.19.36-vhulk1907.1.0.h529.eulerosv2r8\",\n \"kernel-source-4.19.36-vhulk1907.1.0.h529.eulerosv2r8\",\n \"kernel-tools-4.19.36-vhulk1907.1.0.h529.eulerosv2r8\",\n \"kernel-tools-libs-4.19.36-vhulk1907.1.0.h529.eulerosv2r8\",\n \"perf-4.19.36-vhulk1907.1.0.h529.eulerosv2r8\",\n \"python-perf-4.19.36-vhulk1907.1.0.h529.eulerosv2r8\",\n \"python3-perf-4.19.36-vhulk1907.1.0.h529.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:25", "description": "USN-4184-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems.\nAlso, the update introduced a regression that broke KVM guests where extended page tables (EPT) are disabled or not supported. This update addresses both issues.\n\nWe apologize for the inconvenience.\n\nStephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash).\n(CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service.\n(CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098)\n\nJann Horn discovered a reference count underflow in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15791)\n\nJann Horn discovered a type confusion vulnerability in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15792)\n\nJann Horn discovered that the shiftfs implementation in the Linux kernel did not use the correct file system uid/gid when the user namespace of a lower file system is not in the init user namespace. A local attacker could use this to possibly bypass DAC permissions or have some other unspecified impact. (CVE-2019-15793)\n\nOri Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052)\n\nOri Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053)\n\nOri Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054)\n\nOri Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055)\n\nOri Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056)\n\nNico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2019-17666).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-14T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 19.04 : Linux kernel vulnerability and regression (USN-4184-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-0154", "CVE-2019-0155", "CVE-2019-11135", "CVE-2019-15098", "CVE-2019-15791", "CVE-2019-15792", "CVE-2019-15793", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056", "CVE-2019-17666"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.04"], "id": "UBUNTU_USN-4184-2.NASL", "href": "https://www.tenable.com/plugins/nessus/131012", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4184-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131012);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-11135\", \"CVE-2019-15098\", \"CVE-2019-15791\", \"CVE-2019-15792\", \"CVE-2019-15793\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\");\n script_xref(name:\"USN\", value:\"4184-2\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 19.04 : Linux kernel vulnerability and regression (USN-4184-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-4184-1 fixed vulnerabilities in the Linux kernel. It was\ndiscovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter\nCommand Streamer check) was incomplete on 64-bit Intel x86 systems.\nAlso, the update introduced a regression that broke KVM guests where\nextended page tables (EPT) are disabled or not supported. This update\naddresses both issues.\n\nWe apologize for the inconvenience.\n\nStephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro\nFrigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi\nMaisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van\nBulck discovered that Intel processors using Transactional\nSynchronization Extensions (TSX) could expose memory contents\npreviously stored in microarchitectural buffers to a malicious process\nthat is executing on the same CPU core. A local attacker could use\nthis to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed\nuserspace to modify page table entries via writes to MMIO from the\nBlitter Command Streamer and expose kernel memory information. A local\nattacker could use this to expose sensitive information or possibly\nelevate privileges. (CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux\nkernel did not properly perform invalidation on page table updates by\nvirtual guest operating systems. A local attacker in a guest VM could\nuse this to cause a denial of service (host system crash).\n(CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a\nsystem hang when userspace performed a read from GT memory mapped\ninput output (MMIO) when the product is in certain low power states. A\nlocal attacker could use this to cause a denial of service.\n(CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver\nfor the Linux kernel did not properly validate endpoint descriptors\nreturned by the device. A physically proximate attacker could use this\nto cause a denial of service (system crash). (CVE-2019-15098)\n\nJann Horn discovered a reference count underflow in the shiftfs\nimplementation in the Linux kernel. A local attacker could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2019-15791)\n\nJann Horn discovered a type confusion vulnerability in the shiftfs\nimplementation in the Linux kernel. A local attacker could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2019-15792)\n\nJann Horn discovered that the shiftfs implementation in the Linux\nkernel did not use the correct file system uid/gid when the user\nnamespace of a lower file system is not in the init user namespace. A\nlocal attacker could use this to possibly bypass DAC permissions or\nhave some other unspecified impact. (CVE-2019-15793)\n\nOri Nimron discovered that the AX25 network protocol implementation in\nthe Linux kernel did not properly perform permissions checks. A local\nattacker could use this to create a raw socket. (CVE-2019-17052)\n\nOri Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network\nprotocol implementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17053)\n\nOri Nimron discovered that the Appletalk network protocol\nimplementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17054)\n\nOri Nimron discovered that the modular ISDN network protocol\nimplementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17055)\n\nOri Nimron discovered that the Near field Communication (NFC) network\nprotocol implementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17056)\n\nNico Waisman discovered that a buffer overflow existed in the Realtek\nWi-Fi driver for the Linux kernel when handling Notice of Absence\nframes. A physically proximate attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code.\n(CVE-2019-17666).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4184-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.04 / 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-11135\", \"CVE-2019-15098\", \"CVE-2019-15791\", \"CVE-2019-15792\", \"CVE-2019-15793\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4184-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1028-oem-osp1\", pkgver:\"5.0.0-1028.32\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-36-generic\", pkgver:\"5.0.0-36.39~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-36-generic-lpae\", pkgver:\"5.0.0-36.39~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-36-lowlatency\", pkgver:\"5.0.0-36.39~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-hwe-18.04\", pkgver:\"5.0.0.36.94\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-lpae-hwe-18.04\", pkgver:\"5.0.0.36.94\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-lowlatency-hwe-18.04\", pkgver:\"5.0.0.36.94\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-oem-osp1\", pkgver:\"5.0.0.1028.32\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-virtual-hwe-18.04\", pkgver:\"5.0.0.36.94\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-36-generic\", pkgver:\"5.0.0-36.39\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-36-generic-lpae\", pkgver:\"5.0.0-36.39\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-36-lowlatency\", pkgver:\"5.0.0-36.39\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-generic\", pkgver:\"5.0.0.36.38\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"5.0.0.36.38\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"5.0.0.36.38\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-virtual\", pkgver:\"5.0.0.36.38\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-5.0-generic / linux-image-5.0-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:33", "description": "Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash).\n(CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service.\n(CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098)\n\nJann Horn discovered a reference count underflow in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15791)\n\nJann Horn discovered a type confusion vulnerability in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15792)\n\nJann Horn discovered that the shiftfs implementation in the Linux kernel did not use the correct file system uid/gid when the user namespace of a lower file system is not in the init user namespace. A local attacker could use this to possibly bypass DAC permissions or have some other unspecified impact. (CVE-2019-15793)\n\nOri Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052)\n\nOri Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053)\n\nOri Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054)\n\nOri Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055)\n\nOri Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056)\n\nNico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2019-17666).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-13T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 19.04 : Linux kernel vulnerabilities (USN-4184-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12207", "CVE-2019-0154", "CVE-2019-0155", "CVE-2019-11135", "CVE-2019-15098", "CVE-2019-15791", "CVE-2019-15792", "CVE-2019-15793", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056", "CVE-2019-17666"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-5.0", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.04"], "id": "UBUNTU_USN-4184-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130964", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4184-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130964);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-11135\", \"CVE-2019-15098\", \"CVE-2019-15791\", \"CVE-2019-15792\", \"CVE-2019-15793\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\");\n script_xref(name:\"USN\", value:\"4184-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 19.04 : Linux kernel vulnerabilities (USN-4184-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro\nFrigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi\nMaisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van\nBulck discovered that Intel processors using Transactional\nSynchronization Extensions (TSX) could expose memory contents\npreviously stored in microarchitectural buffers to a malicious process\nthat is executing on the same CPU core. A local attacker could use\nthis to expose sensitive information. (CVE-2019-11135)\n\nIt was discovered that the Intel i915 graphics chipsets allowed\nuserspace to modify page table entries via writes to MMIO from the\nBlitter Command Streamer and expose kernel memory information. A local\nattacker could use this to expose sensitive information or possibly\nelevate privileges. (CVE-2019-0155)\n\nDeepak Gupta discovered that on certain Intel processors, the Linux\nkernel did not properly perform invalidation on page table updates by\nvirtual guest operating systems. A local attacker in a guest VM could\nuse this to cause a denial of service (host system crash).\n(CVE-2018-12207)\n\nIt was discovered that the Intel i915 graphics chipsets could cause a\nsystem hang when userspace performed a read from GT memory mapped\ninput output (MMIO) when the product is in certain low power states. A\nlocal attacker could use this to cause a denial of service.\n(CVE-2019-0154)\n\nHui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver\nfor the Linux kernel did not properly validate endpoint descriptors\nreturned by the device. A physically proximate attacker could use this\nto cause a denial of service (system crash). (CVE-2019-15098)\n\nJann Horn discovered a reference count underflow in the shiftfs\nimplementation in the Linux kernel. A local attacker could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2019-15791)\n\nJann Horn discovered a type confusion vulnerability in the shiftfs\nimplementation in the Linux kernel. A local attacker could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2019-15792)\n\nJann Horn discovered that the shiftfs implementation in the Linux\nkernel did not use the correct file system uid/gid when the user\nnamespace of a lower file system is not in the init user namespace. A\nlocal attacker could use this to possibly bypass DAC permissions or\nhave some other unspecified impact. (CVE-2019-15793)\n\nOri Nimron discovered that the AX25 network protocol implementation in\nthe Linux kernel did not properly perform permissions checks. A local\nattacker could use this to create a raw socket. (CVE-2019-17052)\n\nOri Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network\nprotocol implementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17053)\n\nOri Nimron discovered that the Appletalk network protocol\nimplementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17054)\n\nOri Nimron discovered that the modular ISDN network protocol\nimplementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17055)\n\nOri Nimron discovered that the Near field Communication (NFC) network\nprotocol implementation in the Linux kernel did not properly perform\npermissions checks. A local attacker could use this to create a raw\nsocket. (CVE-2019-17056)\n\nNico Waisman discovered that a buffer overflow existed in the Realtek\nWi-Fi driver for the Linux kernel when handling Notice of Absence\nframes. A physically proximate attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code.\n(CVE-2019-17666).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4184-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.0-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.04 / 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-12207\", \"CVE-2019-0154\", \"CVE-2019-0155\", \"CVE-2019-11135\", \"CVE-2019-15098\", \"CVE-2019-15791\", \"CVE-2019-15792\", \"CVE-2019-15793\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17666\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-4184-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1025-azure\", pkgver:\"5.0.0-1025.27~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1025-gcp\", pkgver:\"5.0.0-1025.26~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1025-gke\", pkgver:\"5.0.0-1025.26~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-1027-oem-osp1\", pkgver:\"5.0.0-1027.31\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-35-generic\", pkgver:\"5.0.0-35.38~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-35-generic-lpae\", pkgver:\"5.0.0-35.38~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-5.0.0-35-lowlatency\", pkgver:\"5.0.0-35.38~18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-azure\", pkgver:\"5.0.0.1025.36\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gcp\", pkgver:\"5.0.0.1025.29\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-hwe-18.04\", pkgver:\"5.0.0.35.93\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-lpae-hwe-18.04\", pkgver:\"5.0.0.35.93\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gke-5.0\", pkgver:\"5.0.0.1025.14\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-lowlatency-hwe-18.04\", pkgver:\"5.0.0.35.93\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-oem-osp1\", pkgver:\"5.0.0.1027.31\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-snapdragon-hwe-18.04\", pkgver:\"5.0.0.35.93\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-virtual-hwe-18.04\", pkgver:\"5.0.0.35.93\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1007-oracle\", pkgver:\"5.0.0-1007.12\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1021-aws\", pkgver:\"5.0.0-1021.24\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1022-kvm\", pkgver:\"5.0.0-1022.24\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1022-raspi2\", pkgver:\"5.0.0-1022.23\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1025-azure\", pkgver:\"5.0.0-1025.27\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-1025-gcp\", pkgver:\"5.0.0-1025.26\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-35-generic\", pkgver:\"5.0.0-35.38\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-35-generic-lpae\", pkgver:\"5.0.0-35.38\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-5.0.0-35-lowlatency\", pkgver:\"5.0.0-35.38\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-aws\", pkgver:\"5.0.0.1021.23\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-azure\", pkgver:\"5.0.0.1025.25\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-gcp\", pkgver:\"5.0.0.1025.50\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-generic\", pkgver:\"5.0.0.35.37\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"5.0.0.35.37\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-gke\", pkgver:\"5.0.0.1025.50\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-kvm\", pkgver:\"5.0.0.1022.23\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"5.0.0.35.37\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-oracle\", pkgver:\"5.0.0.1007.33\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-raspi2\", pkgver:\"5.0.0.1022.20\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"linux-image-virtual\", pkgver:\"5.0.0.35.37\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-5.0-aws / linux-image-5.0-azure / linux-image-5.0-gcp / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:31:45", "description": "The SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2019-15916: Fixed a memory leak in register_queue_kobjects() which might have led denial of service (bsc#1149448).\n\nCVE-2019-0154: Fixed an improper access control in subsystem for Intel (R) processor graphics whichs may have allowed an authenticated user to potentially enable denial of service via local access (bsc#1135966).\n\nCVE-2019-0155: Fixed an improper access control in subsystem for Intel (R) processor graphics whichs may have allowed an authenticated user to potentially enable escalation of privilege via local access (bsc#1135967).\n\nCVE-2019-16231: Fixed a NULL pointer dereference due to lack of checking the alloc_workqueue return value (bsc#1150466).\n\nCVE-2019-18805: Fixed an integer overflow in tcp_ack_update_rtt() leading to a denial of service or possibly unspecified other impact (bsc#1156187).\n\nCVE-2019-17055: Enforced CAP_NET_RAW in the AF_ISDN network module to restrict unprivileged users to create a raw socket (bsc#1152782).\n\nCVE-2019-16995: Fixed a memory leak in hsr_dev_finalize() which may have caused denial of service (bsc#1152685).\n\nCVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described 'Microarchitectural Data Sampling' attack.(bsc#1139073). The Linux kernel was supplemented with the option to disable TSX operation altogether (requiring CPU Microcode updates on older systems) and better flushing of microarchitectural buffers (VERW). The set of options available is described in our TID at https://www.suse.com/support/kb/doc/?id=7024251\n\nCVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference.\n(bsc#1150457).\n\nCVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional.\n\nCVE-2019-10220: Added sanity checks on the pathnames passed to the user space. (bsc#1144903)\n\nCVE-2019-17666: rtlwifi: Fix potential overflow in P2P code (bsc#1154372).\n\nCVE-2019-16232: Fix a potential NULL pointer dereference in the Marwell libertas driver (bsc#1150465).\n\nCVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#1150452).\n\nCVE-2019-17133: cfg80211 wireless extension did not reject a long SSID IE, leading to a Buffer Overflow (bsc#1153158).\n\nCVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW, which meant that unprivileged users could create a raw socket (bsc#1152788).\n\nCVE-2019-15291: Fixed a NULL pointer dereference caused by a malicious USB device in the flexcop_usb_probe function (bsc#1146519).\n\nCVE-2019-14821: Fixed an out-of-bounds access resulting in a denial of service or potentially escalating privileges on the system (bnc#1151350).\n\nCVE-2017-18595: Fixed a double free which caused by the function allocate_trace_buffer (bsc#1149555).\n\nCVE-2019-9506: Fixed an issue with Bluetooth which permited low encryption key length and did not prevent an attacker from influencing the key length negotiation allowing brute-force attacks (bsc#1137865).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-16T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:3295-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18595", "CVE-2018-12207", "CVE-2019-0154", "CVE-2019-0155", "CVE-2019-10220", "CVE-2019-11135", "CVE-2019-14821", "CVE-2019-15291", "CVE-2019-15916", "CVE-2019-16231", "CVE-2019-16232", "CVE-2019-16233", "CVE-2019-16234", "CVE-2019-16995", "CVE-2019-17055", "CVE-2019-17056", "CVE-2019-17133", "CVE-2019-17666", "CVE-2019-18805", "CVE-2019-9506"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt", "p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt-debuginfo", "p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt_debug", "p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt_debug-debuginfo", "p-cpe:/a:novell:suse_linux:dlm-kmp-rt", "p-cpe:/a:novell:suse_linux:dlm-kmp-rt-debuginfo", "p-cpe:/a:novell:suse_linux:dlm-kmp-rt_debug", "p-cpe:/a:novell:suse_linux:dlm-kmp-rt_debug-debuginfo", "p-cpe:/a:novell:suse_linux:gfs2-kmp-rt", "p-cpe:/a:novell:suse_linux:gfs2-kmp-rt-debuginfo", "p-cpe:/a:novell:suse_linux:gfs2-kmp-rt_debug", "p-cpe:/a:novell:suse_linux:gfs2-kmp-rt_debug-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt", "p-cpe:/a:novell:suse_linux:kernel-rt-base", "p-cpe:/a:novell:suse_linux:kernel-rt-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt-debugsource", "p-cpe:/a:novell:suse_linux:kernel-rt-devel", "p-cpe:/a:novell:suse_linux:kernel-rt-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt-extra", "p-cpe:/a:novell:suse_linux:kernel-rt-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-rt_debug", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-base", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-debugsource", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-extra", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-syms-rt", "p-cpe:/a:novell:suse_linux:kselftests-kmp-rt", "p-cpe:/a:novell:suse_linux:kselftests-kmp-rt-debuginfo", "p-cpe:/a:novell:suse_linux:kselftests-kmp-rt_debug", "p-cpe:/a:novell:suse_linux:kselftests-kmp-rt_debug-debuginfo", "p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt", "p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt-debuginfo", "p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt_debug", "p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt_debug-debuginfo", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt-debuginfo", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt_debug", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt_debug-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-3295-1.NASL", "href": "https://www.tenable.com/plugins/nessus/132071", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:3295-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132071);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2017-18595\",\n \"CVE-2018-12207\",\n \"CVE-2019-0154\",\n \"CVE-2019-0155\",\n \"CVE-2019-9506\",\n \"CVE-2019-10220\",\n \"CVE-2019-11135\",\n \"CVE-2019-14821\",\n \"CVE-2019-15291\",\n \"CVE-2019-15916\",\n \"CVE-2019-16231\",\n \"CVE-2019-16232\",\n \"CVE-2019-16233\",\n \"CVE-2019-16234\",\n \"CVE-2019-16995\",\n \"CVE-2019-17055\",\n \"CVE-2019-17056\",\n \"CVE-2019-17133\",\n \"CVE-2019-17666\",\n \"CVE-2019-18805\"\n );\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:3295-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive\nvarious security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2019-15916: Fixed a memory leak in register_queue_kobjects() which\nmight have led denial of service (bsc#1149448).\n\nCVE-2019-0154: Fixed an improper access control in subsystem for Intel\n(R) processor graphics whichs may have allowed an authenticated user\nto potentially enable denial of service via local access\n(bsc#1135966).\n\nCVE-2019-0155: Fixed an improper access control in subsystem for Intel\n(R) processor graphics whichs may have allowed an authenticated user\nto potentially enable escalation of privilege via local access\n(bsc#1135967).\n\nCVE-2019-16231: Fixed a NULL pointer dereference due to lack of\nchecking the alloc_workqueue return value (bsc#1150466).\n\nCVE-2019-18805: Fixed an integer overflow in tcp_ack_update_rtt()\nleading to a denial of service or possibly unspecified other impact\n(bsc#1156187).\n\nCVE-2019-17055: Enforced CAP_NET_RAW in the AF_ISDN network module to\nrestrict unprivileged users to create a raw socket (bsc#1152782).\n\nCVE-2019-16995: Fixed a memory leak in hsr_dev_finalize() which may\nhave caused denial of service (bsc#1152685).\n\nCVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs\nwith Transactional Memory support could be used to facilitate\nsidechannel information leaks out of microarchitectural buffers,\nsimilar to the previously described 'Microarchitectural Data Sampling'\nattack.(bsc#1139073). The Linux kernel was supplemented with the\noption to disable TSX operation altogether (requiring CPU Microcode\nupdates on older systems) and better flushing of microarchitectural\nbuffers (VERW). The set of options available is described in our TID\nat https://www.suse.com/support/kb/doc/?id=7024251\n\nCVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the\nalloc_workqueue return value, leading to a NULL pointer dereference.\n(bsc#1150457).\n\nCVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit\na race condition in the Instruction Fetch Unit of the Intel CPU to\ncause a Machine Exception during Page Size Change, causing the CPU\ncore to be non-functional.\n\nCVE-2019-10220: Added sanity checks on the pathnames passed to the\nuser space. (bsc#1144903)\n\nCVE-2019-17666: rtlwifi: Fix potential overflow in P2P code\n(bsc#1154372).\n\nCVE-2019-16232: Fix a potential NULL pointer dereference in the\nMarwell libertas driver (bsc#1150465).\n\nCVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue\nreturn value, leading to a NULL pointer dereference. (bsc#1150452).\n\nCVE-2019-17133: cfg80211 wireless extension did not reject a long SSID\nIE, leading to a Buffer Overflow (bsc#1153158).\n\nCVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW,\nwhich meant that unprivileged users could create a raw socket\n(bsc#1152788).\n\nCVE-2019-15291: Fixed a NULL pointer dereference caused by a malicious\nUSB device in the flexcop_usb_probe function (bsc#1146519).\n\nCVE-2019-14821: Fixed an out-of-bounds access resulting in a denial of\nservice or potentially escalating privileges on the system\n(bnc#1151350).\n\nCVE-2017-18595: Fixed a double free which caused by the function\nallocate_trace_buffer (bsc#1149555).\n\nCVE-2019-9506: Fixed an issue with Bluetooth which permited low\nencryption key length and did not prevent an attacker from influencing\nthe key length negotiation allowing brute-force attacks (bsc#1137865).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1046299\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1046303\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1046305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1048942\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050244\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050545\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1054914\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1055117\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1055186\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1061840\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1064802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065600\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1066129\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1071995\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073513\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083647\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086323\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087092\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090631\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1091041\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1093205\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1096254\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097583\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097584\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097585\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097586\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097587\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1097588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1098291\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101674\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104967\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112178\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113994\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114279\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117665\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119086\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119461\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123034\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127988\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1131107\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1131304\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133140\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1134303\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135642\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135854\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135873\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1135967\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137040\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137069\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137799\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137861\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137865\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1137982\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1138190\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1139073\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140090\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140845\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140883\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141013\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1141600\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142076\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143706\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144338\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144375\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144449\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1144903\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1145099\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146042\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146519\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146540\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146612\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1146664\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148133\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148410\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148712\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1148868\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149119\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149313\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149446\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149448\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149853\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150305\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150423\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150452\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150457\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150466\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1150875\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151067\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151192\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151350\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151508\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151610\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151662\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151680\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151807\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151891\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1151955\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152024\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152025\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152026\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152033\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152161\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152187\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152243\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152325\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152457\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152460\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152466\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152497\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152505\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152506\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152525\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152624\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152665\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152685\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152696\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152697\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152790\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152791\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1152975\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153112\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153263\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153509\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153607\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153681\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153717\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153718\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153811\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153969\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154124\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154189\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154242\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154268\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154354\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154372\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154521\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154526\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154578\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154601\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154607\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154608\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154610\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154611\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154737\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154747\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154848\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154905\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154956\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155021\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155061\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155178\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155179\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155184\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155186\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155671\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155692\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155836\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155982\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156187\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156429\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156466\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156494\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156609\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156700\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156882\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-18595/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-12207/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-0154/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-0155/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-10220/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-11135/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-14821/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-15291/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-15916/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16231/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16232/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16233/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16234/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-16995/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-17055/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-17056/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-17133/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-17666/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-18805/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-9506/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/support/kb/doc/?id=7024251\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20193295-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?93d68aa5\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Realtime 15-SP1:zypper in -t patch\nSUSE-SLE-Module-RT-15-SP1-2019-3295=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-3295=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10220\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-18805\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt_debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dlm-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dlm-kmp-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dlm-kmp-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dlm-kmp-rt_debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gfs2-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gfs2-kmp-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gfs2-kmp-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gfs2-kmp-rt_debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kselftests-kmp-rt_debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt_debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt_debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt_debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"cluster-md-kmp-rt-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"cluster-md-kmp-rt-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"cluster-md-kmp-rt_debug-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"cluster-md-kmp-rt_debug-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"dlm-kmp-rt-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"dlm-kmp-rt-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"dlm-kmp-rt_debug-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"dlm-kmp-rt_debug-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"gfs2-kmp-rt-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"gfs2-kmp-rt-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"gfs2-kmp-rt_debug-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"gfs2-kmp-rt_debug-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-base-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-base-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-debugsource-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-devel-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-devel-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-extra-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-extra-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-livepatch-devel-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-base-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-base-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-debugsource-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-devel-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-devel-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-extra-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-extra-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-livepatch-devel-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-syms-rt-4.12.14-14.14.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kselftests-kmp-rt-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kselftests-kmp-rt-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kselftests-kmp-rt_debug-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"kselftests-kmp-rt_debug-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"ocfs2-kmp-rt-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"ocfs2-kmp-rt-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"ocfs2-kmp-rt_debug-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"ocfs2-kmp-rt_debug-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"reiserfs-kmp-rt-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"reiserfs-kmp-rt-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"reiserfs-kmp-rt_debug-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"reiserfs-kmp-rt_debug-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"cluster-md-kmp-rt_debug-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"cluster-md-kmp-rt_debug-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"dlm-kmp-rt_debug-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"dlm-kmp-rt_debug-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"gfs2-kmp-rt_debug-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"gfs2-kmp-rt_debug-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-debugsource-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-extra-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-extra-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt-livepatch-devel-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-base-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-base-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-debugsource-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-extra-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-extra-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-rt_debug-livepatch-devel-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kselftests-kmp-rt-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kselftests-kmp-rt-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kselftests-kmp-rt_debug-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"kselftests-kmp-rt_debug-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"ocfs2-kmp-rt_debug-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"ocfs2-kmp-rt_debug-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"reiserfs-kmp-rt-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"reiserfs-kmp-rt-debuginfo-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"reiserfs-kmp-rt_debug-4.12.14-14.14.3\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"reiserfs-kmp-rt_debug-debuginfo-4.12.14-14.14.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:46", "description": "New kernel packages are available for Slackware 14.2 to fix security issues.", "cvss3": {}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-311-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-10905", "CVE-2016-10906", "CVE-2018-20976", "CVE-2019-10638", "CVE-2019-14814", "CVE-2019-14816", "CVE-2019-14821", "CVE-2019-14835", "CVE-2019-15098", "CVE-2019-15117", "CVE-2019-15118", "CVE-2019-15505", "CVE-2019-16746", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056", "CVE-2019-17075", "CVE-2019-17133", "CVE-2019-2215", "CVE-2019-3900"], "modified": "2022-12-06T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:kernel-generic", "p-cpe:/a:slackware:slackware_linux:kernel-generic-smp", "p-cpe:/a:slackware:slackware_linux:kernel-headers", "p-cpe:/a:slackware:slackware_linux:kernel-huge", "p-cpe:/a:slackware:slackware_linux:kernel-huge-smp", "p-cpe:/a:slackware:slackware_linux:kernel-modules", "p-cpe:/a:slackware:slackware_linux:kernel-modules-smp", "p-cpe:/a:slackware:slackware_linux:kernel-source", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2019-311-01.NASL", "href": "https://www.tenable.com/plugins/nessus/130751", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2019-311-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130751);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/06\");\n\n script_cve_id(\"CVE-2016-10905\", \"CVE-2016-10906\", \"CVE-2018-20976\", \"CVE-2019-10638\", \"CVE-2019-14814\", \"CVE-2019-14816\", \"CVE-2019-14821\", \"CVE-2019-14835\", \"CVE-2019-15098\", \"CVE-2019-15117\", \"CVE-2019-15118\", \"CVE-2019-15505\", \"CVE-2019-16746\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17075\", \"CVE-2019-17133\", \"CVE-2019-2215\", \"CVE-2019-3900\");\n script_xref(name:\"SSA\", value:\"2019-311-01\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-311-01)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"New kernel packages are available for Slackware 14.2 to fix security\nissues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2019&m=slackware-security.756390\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c772912b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Android Binder Use-After-Free Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-generic\", pkgver:\"4.4.199\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-generic-smp\", pkgver:\"4.4.199_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-headers\", pkgver:\"4.4.199_smp\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-huge\", pkgver:\"4.4.199\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-huge-smp\", pkgver:\"4.4.199_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-modules\", pkgver:\"4.4.199\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-modules-smp\", pkgver:\"4.4.199_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-source\", pkgver:\"4.4.199_smp\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-generic\", pkgver:\"4.4.199\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-headers\", pkgver:\"4.4.199\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-huge\", pkgver:\"4.4.199\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-modules\", pkgver:\"4.4.199\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-source\", pkgver:\"4.4.199\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-01T16:39:45", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system:\n memory allocation, process allocation, device input and output, etc.Security Fix(es):An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the functions ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx in the file driverset/wireless/ath/ath6kl/wmi.c.(CVE-2019-15926)An issue was discovered in the Linux kernel before 5.0.6.\n There is a memory leak issue when idr_alloc() fails in genl_register_family() in netetlink/genetlink.c.(CVE-2019-15921)An issue was discovered in the Linux kernel before 4.20.2. An out-of-bounds access exists in the function build_audio_procunit in the file sound/usb/mixer.c.(CVE-2019-15927)An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.(CVE-2019-15292)An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.(CVE-2018-20976)In the Linux kernel before 5.1.13, there is a memory leak in drivers/scsi/libsas/sas_expander.c when SAS expander discovery fails. This will cause a BUG and denial of service.(CVE-2019-15807)A vulnerability was found in Linux kernel's, versions up to 3.10, implementation of overlayfs. An attacker with local access can create a denial of service situation via NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c. This can allow attackers with ability to create directories on overlayfs to crash the kernel creating a denial of service (DOS).(CVE-2019-10140)In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting.\n Specifically, by adding to a write queue between disconnection and re-connection, a local attacker can trigger multiple use-after-free conditions. This can result in a kernel crash, or potentially in privilege escalation.(CVE-2019-15239)check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.(CVE-2019-15118)drivers et/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.(CVE-2019-15099)drivers et/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.(CVE-2019-15098)A flaw was found in the Linux kernel's Bluetooth implementation of UART. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.(CVE-2019-10207)It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.(CVE-2018-1128)ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.(CVE-2019-17052)ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.(CVE-2019-17053)atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.(CVE-2019-17054)base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.(CVE-2019-17055)llcp_sock_create in net fc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.(CVE-2019-17056)A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system, corrupt memory, or create other adverse security affects.(CVE-2019-10142)drivers/media/usb/dvb-usb/techn isat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).(CVE-2019-15505)An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect i_size_write() properly, which causes an i_size_read() infinite loop and denial of service on SMP systems.(CVE-2019-16413)An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota.\n xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.(CVE-2019-15538)A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.(CVE-2019-14835)An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.(CVE-2019-14821)An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'.\n (CVE-2019-1125)drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.(CVE-2019-16233)An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers et/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure.(CVE-2019-15924)An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers et/wireless/intersil/p54/p54usb.c driver.(CVE-2019-15220 )In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses.(CVE-2019-10638)There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.( CVE-2019-14814)** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.\n When the candidate has been publicized, the details for this candidate will be provided.( CVE-2019-14815)There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.( CVE-2019-14816)A flaw was found in the way Linux kernel KVM hypervisor emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest.(CVE-2018-10853)A NULL pointer dereference was found in the net/rds/rdma.c\n __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.(CVE-2018-7492)An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net fc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects nfc_llcp_build_gb in netfc/llcp_core.c.(CVE-2019-12818)An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.(CVE-2019-15218)An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.(CVE-2019-15219)An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.(CVE-2019-15221)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-2201)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10853", "CVE-2018-1128", "CVE-2018-20976", "CVE-2018-7492", "CVE-2019-10140", "CVE-2019-10142", "CVE-2019-10207", "CVE-2019-10638", "CVE-2019-1125", "CVE-2019-12818", "CVE-2019-14814", "CVE-2019-14815", "CVE-2019-14816", "CVE-2019-14821", "CVE-2019-14835", "CVE-2019-15098", "CVE-2019-15099", "CVE-2019-15118", "CVE-2019-15218", "CVE-2019-15219", "CVE-2019-15220", "CVE-2019-15221", "CVE-2019-15239", "CVE-2019-15292", "CVE-2019-15505", "CVE-2019-15538", "CVE-2019-15807", "CVE-2019-15921", "CVE-2019-15924", "CVE-2019-15926", "CVE-2019-15927", "CVE-2019-16233", "CVE-2019-16413", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2201.NASL", "href": "https://www.tenable.com/plugins/nessus/130663", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130663);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-10853\",\n \"CVE-2018-1128\",\n \"CVE-2018-20976\",\n \"CVE-2018-7492\",\n \"CVE-2019-10140\",\n \"CVE-2019-10142\",\n \"CVE-2019-10207\",\n \"CVE-2019-10638\",\n \"CVE-2019-1125\",\n \"CVE-2019-12818\",\n \"CVE-2019-14814\",\n \"CVE-2019-14815\",\n \"CVE-2019-14816\",\n \"CVE-2019-14821\",\n \"CVE-2019-14835\",\n \"CVE-2019-15098\",\n \"CVE-2019-15099\",\n \"CVE-2019-15118\",\n \"CVE-2019-15218\",\n \"CVE-2019-15219\",\n \"CVE-2019-15220\",\n \"CVE-2019-15221\",\n \"CVE-2019-15239\",\n \"CVE-2019-15292\",\n \"CVE-2019-15505\",\n \"CVE-2019-15538\",\n \"CVE-2019-15807\",\n \"CVE-2019-15921\",\n \"CVE-2019-15924\",\n \"CVE-2019-15926\",\n \"CVE-2019-15927\",\n \"CVE-2019-16233\",\n \"CVE-2019-16413\",\n \"CVE-2019-17052\",\n \"CVE-2019-17053\",\n \"CVE-2019-17054\",\n \"CVE-2019-17055\",\n \"CVE-2019-17056\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-2201)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The kernel package contains the Linux kernel (vmlinuz),\n the core of any Linux operating system. The kernel\n handles the basic functions of the operating system:\n memory allocation, process allocation, device input and\n output, etc.Security Fix(es):An issue was discovered in\n the Linux kernel before 5.2.3. Out of bounds access\n exists in the functions\n ath6kl_wmi_pstream_timeout_event_rx and\n ath6kl_wmi_cac_event_rx in the file\n driverset/wireless/ath/ath6kl/wmi.c.(CVE-2019-15926)An\n issue was discovered in the Linux kernel before 5.0.6.\n There is a memory leak issue when idr_alloc() fails in\n genl_register_family() in\n netetlink/genetlink.c.(CVE-2019-15921)An issue was\n discovered in the Linux kernel before 4.20.2. An\n out-of-bounds access exists in the function\n build_audio_procunit in the file\n sound/usb/mixer.c.(CVE-2019-15927)An issue was\n discovered in the Linux kernel before 5.0.9. There is a\n use-after-free in atalk_proc_exit, related to\n net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and\n net/appletalk/sysctl_net_atalk.c.(CVE-2019-15292)An\n issue was discovered in fs/xfs/xfs_super.c in the Linux\n kernel before 4.18. A use after free exists, related to\n xfs_fs_fill_super failure.(CVE-2018-20976)In the Linux\n kernel before 5.1.13, there is a memory leak in\n drivers/scsi/libsas/sas_expander.c when SAS expander\n discovery fails. This will cause a BUG and denial of\n service.(CVE-2019-15807)A vulnerability was found in\n Linux kernel's, versions up to 3.10, implementation of\n overlayfs. An attacker with local access can create a\n denial of service situation via NULL pointer\n dereference in ovl_posix_acl_create function in\n fs/overlayfs/dir.c. This can allow attackers with\n ability to create directories on overlayfs to crash the\n kernel creating a denial of service\n (DOS).(CVE-2019-10140)In the Linux kernel, a certain\n net/ipv4/tcp_output.c change, which was properly\n incorporated into 4.16.12, was incorrectly backported\n to the earlier longterm kernels, introducing a new\n vulnerability that was potentially more severe than the\n issue that was intended to be fixed by backporting.\n Specifically, by adding to a write queue between\n disconnection and re-connection, a local attacker can\n trigger multiple use-after-free conditions. This can\n result in a kernel crash, or potentially in privilege\n escalation.(CVE-2019-15239)check_input_term in\n sound/usb/mixer.c in the Linux kernel through 5.2.9\n mishandles recursion, leading to kernel stack\n exhaustion.(CVE-2019-15118)drivers\n et/wireless/ath/ath10k/usb.c in the Linux kernel\n through 5.2.8 has a NULL pointer dereference via an\n incomplete address in an endpoint\n descriptor.(CVE-2019-15099)drivers\n et/wireless/ath/ath6kl/usb.c in the Linux kernel\n through 5.2.9 has a NULL pointer dereference via an\n incomplete address in an endpoint\n descriptor.(CVE-2019-15098)A flaw was found in the\n Linux kernel's Bluetooth implementation of UART. An\n attacker with local access and write permissions to the\n Bluetooth hardware could use this flaw to issue a\n specially crafted ioctl function call and cause the\n system to crash.(CVE-2019-10207)It was found that cephx\n authentication protocol did not verify ceph clients\n correctly and was vulnerable to replay attack. Any\n attacker having access to ceph cluster network who is\n able to sniff packets on network can use this\n vulnerability to authenticate with ceph service and\n perform actions allowed by ceph service. Ceph branches\n master, mimic, luminous and jewel are believed to be\n vulnerable.(CVE-2018-1128)ax25_create in\n net/ax25/af_ax25.c in the AF_AX25 network module in the\n Linux kernel through 5.3.2 does not enforce\n CAP_NET_RAW, which means that unprivileged users can\n create a raw socket, aka\n CID-0614e2b73768.(CVE-2019-17052)ieee802154_create in\n net/ieee802154/socket.c in the AF_IEEE802154 network\n module in the Linux kernel through 5.3.2 does not\n enforce CAP_NET_RAW, which means that unprivileged\n users can create a raw socket, aka\n CID-e69dbd4619e7.(CVE-2019-17053)atalk_create in\n net/appletalk/ddp.c in the AF_APPLETALK network module\n in the Linux kernel through 5.3.2 does not enforce\n CAP_NET_RAW, which means that unprivileged users can\n create a raw socket, aka\n CID-6cc03e8aa36c.(CVE-2019-17054)base_sock_create in\n drivers/isdn/mISDN/socket.c in the AF_ISDN network\n module in the Linux kernel through 5.3.2 does not\n enforce CAP_NET_RAW, which means that unprivileged\n users can create a raw socket, aka\n CID-b91ee4aa2a21.(CVE-2019-17055)llcp_sock_create in\n net fc/llcp_sock.c in the AF_NFC network module in the\n Linux kernel through 5.3.2 does not enforce\n CAP_NET_RAW, which means that unprivileged users can\n create a raw socket, aka\n CID-3a359798b176.(CVE-2019-17056)A flaw was found in\n the Linux kernel's freescale hypervisor manager\n implementation, kernel versions 5.0.x up to, excluding\n