{"id": "FEDORA:1EEE86087AA1", "type": "fedora", "bulletinFamily": "unix", "title": "[SECURITY] Fedora 27 Update: kernel-tools-4.18.19-100.fc27", "description": "This package contains the tools/ directory from the kernel source and the supporting documentation. ", "published": "2018-11-27T03:13:41", "modified": "2018-11-27T03:13:41", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6}, "href": "", "reporter": "Fedora", "references": [], "cvelist": ["CVE-2018-18710"], "immutableFields": [], "lastseen": "2021-07-28T14:46:50", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2018-1133", "ALAS2-2018-1133"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:61ADF14D6FEC14FA5E06A7684B091D19", "CFOUNDRY:ACBE18A36EB39832526C9AA3F7A3E9CE"]}, {"type": "cve", "idList": ["CVE-2018-18710"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1715-1:4A3F9", "DEBIAN:DLA-1731-1:D19BD", "DEBIAN:DLA-1731-2:E6E1E"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-18710"]}, {"type": "f5", "idList": ["F5:K11165942"]}, {"type": "fedora", "idList": ["FEDORA:00FDB6087AA0", "FEDORA:122AE604D3F9", "FEDORA:1CAC0608E6F2", "FEDORA:1EFAB60ACFB0", "FEDORA:20DCB60779B2", "FEDORA:22D77604972B", "FEDORA:250CB6087A80", "FEDORA:296826040AED", "FEDORA:2CDD76006271", "FEDORA:3266960F0E44", "FEDORA:3C2FF6014B8C", "FEDORA:3C394606D98F", "FEDORA:41B546014626", "FEDORA:4A22960A514A", "FEDORA:4CF35608BFEA", "FEDORA:4D5AD601FDAC", "FEDORA:5B68260A5858", "FEDORA:690DE6022BA8", "FEDORA:6B66A6047312", "FEDORA:6B6B360567FC", "FEDORA:79EAC605FC25", "FEDORA:7E7A360ACFB3", "FEDORA:85FBF6076011", "FEDORA:89C9C6051B3A", "FEDORA:8FD3E60491BA", "FEDORA:95A686085F81", "FEDORA:9CD7A622281F", "FEDORA:9DF7060ACFA9", "FEDORA:9E3D9606D195", "FEDORA:B395E6087A9D", "FEDORA:B87B460876BA", "FEDORA:BBFE360460D0", "FEDORA:BD35260BC96F", "FEDORA:C49D061F375F", "FEDORA:C64AE6007F37", "FEDORA:C68476222B32", "FEDORA:DBB1B659CBE0", "FEDORA:E178F6217CD7", "FEDORA:E37FD60924F1", "FEDORA:E88866014636", "FEDORA:E93AE6077DCD", "FEDORA:F417F60477C5"]}, {"type": "ibm", "idList": ["718AA276AD1F96507AD1B17F8A42616C949B63DCC5D86816603BF65C698FACB0"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-1133.NASL", "ALA_ALAS-2018-1133.NASL", "DEBIAN_DLA-1715.NASL", "DEBIAN_DLA-1731.NASL", "EULEROS_SA-2018-1373.NASL", "EULEROS_SA-2019-1156.NASL", "EULEROS_SA-2019-1178.NASL", "EULEROS_SA-2019-1181.NASL", "EULEROS_SA-2019-1471.NASL", "EULEROS_SA-2019-1512.NASL", "EULEROS_SA-2019-1587.NASL", "EULEROS_SA-2019-2353.NASL", "FEDORA_2018-1621B2204A.NASL", "FEDORA_2018-B68776E5B0.NASL", "FEDORA_2018-F55C305488.NASL", "OPENSUSE-2018-1342.NASL", "OPENSUSE-2018-1427.NASL", "OPENSUSE-2019-893.NASL", "ORACLELINUX_ELSA-2018-4288.NASL", "ORACLELINUX_ELSA-2018-4300.NASL", "ORACLELINUX_ELSA-2018-4301.NASL", "ORACLELINUX_ELSA-2018-4304.NASL", "ORACLEVM_OVMSA-2018-0284.NASL", "SLACKWARE_SSA_2019-030-01.NASL", "SUSE_SU-2018-3689-1.NASL", "SUSE_SU-2018-3746-1.NASL", "SUSE_SU-2018-3934-1.NASL", "SUSE_SU-2018-4069-1.NASL", "SUSE_SU-2019-0095-1.NASL", "SUSE_SU-2019-0224-1.NASL", "SUSE_SU-2019-0439-1.NASL", "SUSE_SU-2019-1289-1.NASL", "SUSE_SU-2019-13937-1.NASL", "UBUNTU_USN-3846-1.NASL", "UBUNTU_USN-3847-1.NASL", "UBUNTU_USN-3847-2.NASL", "UBUNTU_USN-3847-3.NASL", "UBUNTU_USN-3848-1.NASL", "UBUNTU_USN-3848-2.NASL", "UBUNTU_USN-3849-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310843856", "OPENVAS:1361412562310843857", "OPENVAS:1361412562310843858", "OPENVAS:1361412562310843859", "OPENVAS:1361412562310843860", "OPENVAS:1361412562310843861", "OPENVAS:1361412562310843862", "OPENVAS:1361412562310852108", "OPENVAS:1361412562310852140", "OPENVAS:1361412562310875297", "OPENVAS:1361412562310875302", "OPENVAS:1361412562310875303", "OPENVAS:1361412562310875310", "OPENVAS:1361412562310875311", "OPENVAS:1361412562310875330", "OPENVAS:1361412562310875334", "OPENVAS:1361412562310875349", "OPENVAS:1361412562310875369", "OPENVAS:1361412562310875407", "OPENVAS:1361412562310875414", "OPENVAS:1361412562310875423", "OPENVAS:1361412562310875438", "OPENVAS:1361412562310875443", "OPENVAS:1361412562310875459", "OPENVAS:1361412562310875476", "OPENVAS:1361412562310875506", "OPENVAS:1361412562310875559", "OPENVAS:1361412562310875566", "OPENVAS:1361412562310875577", "OPENVAS:1361412562310875628", "OPENVAS:1361412562310875629", "OPENVAS:1361412562310875681", "OPENVAS:1361412562310875786", "OPENVAS:1361412562310875801", "OPENVAS:1361412562310875834", "OPENVAS:1361412562310875913", "OPENVAS:1361412562310875923", "OPENVAS:1361412562310875946", "OPENVAS:1361412562310876049", "OPENVAS:1361412562310876095", "OPENVAS:1361412562310876105", "OPENVAS:1361412562310876177", "OPENVAS:1361412562310876322", "OPENVAS:1361412562310876361", "OPENVAS:1361412562310876377", "OPENVAS:1361412562310876423", "OPENVAS:1361412562310876445", "OPENVAS:1361412562310891715", "OPENVAS:1361412562310891731", "OPENVAS:1361412562311220181373", "OPENVAS:1361412562311220191156", "OPENVAS:1361412562311220191178", "OPENVAS:1361412562311220191181", "OPENVAS:1361412562311220191471", "OPENVAS:1361412562311220191512", "OPENVAS:1361412562311220191587", "OPENVAS:1361412562311220192353"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-4288", "ELSA-2018-4300", "ELSA-2018-4301", "ELSA-2018-4304", "ELSA-2019-4316"]}, {"type": "photon", "idList": ["PHSA-2018-0113", "PHSA-2018-0198", "PHSA-2018-1.0-0198"]}, {"type": "slackware", "idList": ["SSA-2019-030-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:3658-1", "OPENSUSE-SU-2018:3817-1"]}, {"type": "ubuntu", "idList": ["USN-3846-1", "USN-3847-1", "USN-3847-2", "USN-3847-3", "USN-3848-1", "USN-3848-2", "USN-3849-1", "USN-3849-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-18710"]}], "rev": 4}, "score": {"value": 5.7, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2018-1133"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:61ADF14D6FEC14FA5E06A7684B091D19", "CFOUNDRY:ACBE18A36EB39832526C9AA3F7A3E9CE"]}, {"type": "cve", "idList": ["CVE-2018-18710"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1715-1:4A3F9", "DEBIAN:DLA-1731-1:D19BD", "DEBIAN:DLA-1731-2:E6E1E"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-18710"]}, {"type": "f5", "idList": ["F5:K11165942"]}, {"type": "fedora", "idList": ["FEDORA:00FDB6087AA0", "FEDORA:122AE604D3F9", "FEDORA:1EFAB60ACFB0", "FEDORA:20DCB60779B2", "FEDORA:22D77604972B", "FEDORA:250CB6087A80", "FEDORA:296826040AED", "FEDORA:2CDD76006271", "FEDORA:3266960F0E44", "FEDORA:3C2FF6014B8C", "FEDORA:41B546014626", "FEDORA:4A22960A514A", "FEDORA:4CF35608BFEA", "FEDORA:4D5AD601FDAC", "FEDORA:5B68260A5858", "FEDORA:6B66A6047312", "FEDORA:6B6B360567FC", "FEDORA:7E7A360ACFB3", "FEDORA:8FD3E60491BA", "FEDORA:95A686085F81", "FEDORA:9CD7A622281F", "FEDORA:9DF7060ACFA9", "FEDORA:9E3D9606D195", "FEDORA:B395E6087A9D", "FEDORA:BBFE360460D0", "FEDORA:BD35260BC96F", "FEDORA:C49D061F375F", "FEDORA:C64AE6007F37", "FEDORA:C68476222B32", "FEDORA:DBB1B659CBE0", "FEDORA:E178F6217CD7", "FEDORA:E88866014636", "FEDORA:E93AE6077DCD", "FEDORA:F417F60477C5"]}, {"type": "ibm", "idList": ["718AA276AD1F96507AD1B17F8A42616C949B63DCC5D86816603BF65C698FACB0"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-1133.NASL", "ALA_ALAS-2018-1133.NASL", "EULEROS_SA-2018-1373.NASL", "FEDORA_2018-1621B2204A.NASL", "FEDORA_2018-F55C305488.NASL", "OPENSUSE-2018-1342.NASL", "OPENSUSE-2018-1427.NASL", "ORACLELINUX_ELSA-2018-4304.NASL", "SLACKWARE_SSA_2019-030-01.NASL", "SUSE_SU-2018-3689-1.NASL", "SUSE_SU-2018-3746-1.NASL", "SUSE_SU-2018-4069-1.NASL", "SUSE_SU-2019-0095-1.NASL", "SUSE_SU-2019-0224-1.NASL", "SUSE_SU-2019-0439-1.NASL", "SUSE_SU-2019-13937-1.NASL", "UBUNTU_USN-3846-1.NASL", "UBUNTU_USN-3847-1.NASL", "UBUNTU_USN-3847-2.NASL", "UBUNTU_USN-3847-3.NASL", "UBUNTU_USN-3848-1.NASL", "UBUNTU_USN-3848-2.NASL", "UBUNTU_USN-3849-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310843856", "OPENVAS:1361412562310843857", "OPENVAS:1361412562310843858", "OPENVAS:1361412562310843859", "OPENVAS:1361412562310843860", "OPENVAS:1361412562310843861", "OPENVAS:1361412562310843862", "OPENVAS:1361412562310852108", "OPENVAS:1361412562310852140", "OPENVAS:1361412562310875349", "OPENVAS:1361412562310875369", "OPENVAS:1361412562310875407", "OPENVAS:1361412562310875414", "OPENVAS:1361412562310875423", "OPENVAS:1361412562310875438", "OPENVAS:1361412562310875443", "OPENVAS:1361412562310875459", "OPENVAS:1361412562310875476", "OPENVAS:1361412562310875506", "OPENVAS:1361412562310891715", "OPENVAS:1361412562310891731"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-4288", "ELSA-2018-4304"]}, {"type": "photon", "idList": ["PHSA-2018-1.0-0198"]}, {"type": "slackware", "idList": ["SSA-2019-030-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:3658-1", "OPENSUSE-SU-2018:3817-1"]}, {"type": "ubuntu", "idList": ["USN-3846-1", "USN-3847-1", "USN-3847-2", "USN-3847-3", "USN-3848-1", "USN-3848-2", "USN-3849-1", "USN-3849-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-18710"]}]}, "exploitation": null, "vulnersScore": 5.7}, "affectedPackage": [{"OS": "Fedora", "OSVersion": "27", "arch": "any", "packageVersion": "4.18.19", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "kernel-tools"}], "_state": {"dependencies": 1647589307, "score": 0}}

{"fedora": [{"lastseen": "2021-07-28T14:46:50", "description": "Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-11-27T03:13:41", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-headers-4.18.19-100.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18710"], "modified": "2018-11-27T03:13:41", "id": "FEDORA:00FDB6087AA0", "href": "", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "This package contains the tools/ directory from the kernel source and the supporting documentation. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-11-18T04:00:16", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-tools-4.19.2-300.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18710"], "modified": "2018-11-18T04:00:16", "id": "FEDORA:C68476222B32", "href": "", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-11-22T02:24:13", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-headers-4.19.2-200.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18710"], "modified": "2018-11-22T02:24:13", "id": "FEDORA:7E7A360ACFB3", "href": "", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "This package contains the tools/ directory from the kernel source and the supporting documentation. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-11-22T02:24:13", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-tools-4.19.2-200.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18710"], "modified": "2018-11-22T02:24:13", "id": "FEDORA:9DF7060ACFA9", "href": "", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-11-18T04:00:15", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-4.19.2-300.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18710"], "modified": "2018-11-18T04:00:15", "id": "FEDORA:E178F6217CD7", "href": "", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-11-18T04:00:16", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-headers-4.19.2-300.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18710"], "modified": "2018-11-18T04:00:16", "id": "FEDORA:9CD7A622281F", "href": "", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T18:41:37", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-12-01T20:43:23", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-4.19.5-300.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862", "CVE-2018-18710", "CVE-2018-19407"], "modified": "2018-12-01T20:43:23", "id": "FEDORA:3C2FF6014B8C", "href": "", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-07-28T18:41:37", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-01-15T02:34:33", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-4.19.14-300.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862", "CVE-2018-18710", "CVE-2018-19407", "CVE-2018-19824", "CVE-2019-3701"], "modified": "2019-01-15T02:34:33", "id": "FEDORA:8FD3E60491BA", "href": "", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-07-28T18:41:37", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-12-11T02:43:47", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-4.19.7-300.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862", "CVE-2018-18710", "CVE-2018-19406", "CVE-2018-19407", "CVE-2018-19824"], "modified": "2018-12-11T02:43:47", "id": "FEDORA:4A22960A514A", "href": "", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-07-28T18:41:37", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-12-18T03:07:10", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-4.19.9-300.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14625", "CVE-2018-16862", "CVE-2018-18710", "CVE-2018-19407", "CVE-2018-19824"], "modified": "2018-12-18T03:07:10", "id": "FEDORA:2CDD76006271", "href": "", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-07-28T18:41:37", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-01-17T02:17:40", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-4.19.15-300.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862", "CVE-2018-18710", "CVE-2018-19407", "CVE-2018-19824", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701"], "modified": "2019-01-17T02:17:40", "id": "FEDORA:E88866014636", "href": "", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-07-28T18:41:38", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-01T01:59:59", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-4.20.5-200.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862", "CVE-2018-16880", "CVE-2018-18710", "CVE-2018-19407", "CVE-2018-19824", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701"], "modified": "2019-02-01T01:59:59", "id": "FEDORA:DBB1B659CBE0", "href": "", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T18:41:38", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-05T02:19:00", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-4.20.6-200.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862", "CVE-2018-16880", "CVE-2018-18710", "CVE-2018-19407", "CVE-2018-19824", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-7308"], "modified": "2019-02-05T02:19:00", "id": "FEDORA:F417F60477C5", "href": "", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T18:41:38", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-16T01:58:02", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-4.20.8-200.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862", "CVE-2018-16880", "CVE-2018-18710", "CVE-2018-19407", "CVE-2018-19824", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222"], "modified": "2019-02-16T01:58:02", "id": "FEDORA:5B68260A5858", "href": "", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T18:41:38", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-26T03:08:48", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-4.20.11-200.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862", "CVE-2018-16880", "CVE-2018-18710", "CVE-2018-19407", "CVE-2018-19824", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912"], "modified": "2019-02-26T03:08:48", "id": "FEDORA:296826040AED", "href": "", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T18:41:38", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-03-01T02:41:34", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-4.20.12-200.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862", "CVE-2018-16880", "CVE-2018-18710", "CVE-2018-19407", "CVE-2018-19824", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912", "CVE-2019-8980", "CVE-2019-9162"], "modified": "2019-03-01T02:41:34", "id": "FEDORA:20DCB60779B2", "href": "", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-07-28T18:41:38", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-03-10T18:25:36", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-4.20.14-200.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862", "CVE-2018-16880", "CVE-2018-18710", "CVE-2018-19407", "CVE-2018-19824", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912", "CVE-2019-8980", "CVE-2019-9213"], "modified": "2019-03-10T18:25:36", "id": "FEDORA:22D77604972B", "href": "", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-04-06T01:44:07", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-09T02:20:39", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-5.0.6-200.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862", "CVE-2018-16880", "CVE-2018-18710", "CVE-2018-19407", "CVE-2018-19824", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-3882", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912", "CVE-2019-8980", "CVE-2019-9857"], "modified": "2019-04-09T02:20:39", "id": "FEDORA:4CF35608BFEA", "href": "", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2019-04-25T01:37:08", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-5.0.9-200.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.9, "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862", "CVE-2018-16880", "CVE-2018-18710", "CVE-2018-19407", "CVE-2018-19824", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-3882", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912", "CVE-2019-8980", "CVE-2019-9500", "CVE-2019-9857"], "modified": "2019-04-25T01:37:08", "id": "FEDORA:85FBF6076011", "href": "", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-06T01:44:07", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-13T15:35:30", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-5.0.7-200.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862", "CVE-2018-16880", "CVE-2018-18710", "CVE-2018-19407", "CVE-2018-19824", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-3882", "CVE-2019-3887", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912", "CVE-2019-8980", "CVE-2019-9857"], "modified": "2019-04-13T15:35:30", "id": "FEDORA:6B6B360567FC", "href": "", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2019-05-03T03:44:13", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-5.0.10-200.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.9, "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862", "CVE-2018-16880", "CVE-2018-18710", "CVE-2018-19407", "CVE-2018-19824", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-3882", "CVE-2019-3900", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912", "CVE-2019-8980", "CVE-2019-9500", "CVE-2019-9503", "CVE-2019-9857"], "modified": "2019-05-03T03:44:13", "id": "FEDORA:89C9C6051B3A", "href": "", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:51", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2019-05-15T16:48:45", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-5.0.16-200.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.9, "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2018-16862", "CVE-2018-16880", "CVE-2018-18710", "CVE-2018-19407", "CVE-2018-19824", "CVE-2019-11091", "CVE-2019-11884", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-3882", "CVE-2019-3900", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912", "CVE-2019-8980", "CVE-2019-9500", "CVE-2019-9503", "CVE-2019-9857"], "modified": "2019-05-15T16:48:45", "id": "FEDORA:690DE6022BA8", "href": "", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:51", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2019-06-04T02:23:01", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-5.0.19-200.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.9, "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2018-16862", "CVE-2018-16880", "CVE-2018-18710", "CVE-2018-19407", "CVE-2018-19824", "CVE-2019-11091", "CVE-2019-11833", "CVE-2019-11884", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-3882", "CVE-2019-3900", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912", "CVE-2019-8980", "CVE-2019-9500", "CVE-2019-9503", "CVE-2019-9857"], "modified": "2019-06-04T02:23:01", "id": "FEDORA:79EAC605FC25", "href": "", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:51", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2019-05-25T03:36:40", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-5.0.17-200.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.9, "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2018-16862", "CVE-2018-16880", "CVE-2018-18710", "CVE-2018-19407", "CVE-2018-19824", "CVE-2019-10142", "CVE-2019-11091", "CVE-2019-11884", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-3882", "CVE-2019-3900", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912", "CVE-2019-8980", "CVE-2019-9500", "CVE-2019-9503", "CVE-2019-9857"], "modified": "2019-05-25T03:36:40", "id": "FEDORA:3C394606D98F", "href": "", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-11-22T02:24:13", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-4.19.2-200.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10322", "CVE-2018-10323", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5391"], "modified": "2018-11-22T02:24:13", "id": "FEDORA:1EFAB60ACFB0", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-12-01T02:07:37", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-4.19.5-200.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10322", "CVE-2018-10323", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-16862", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-19407", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5391"], "modified": "2018-12-01T02:07:37", "id": "FEDORA:122AE604D3F9", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-01-15T01:54:14", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-4.19.14-200.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10322", "CVE-2018-10323", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-16862", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-19406", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5391", "CVE-2019-3701"], "modified": "2019-01-15T01:54:14", "id": "FEDORA:95A686085F81", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-12-11T01:58:29", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-4.19.7-200.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10322", "CVE-2018-10323", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-16862", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-19406", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5391"], "modified": "2018-12-11T01:58:29", "id": "FEDORA:BD35260BC96F", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-01-17T01:43:05", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-4.19.15-200.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10322", "CVE-2018-10323", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-16862", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-19406", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5391", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701"], "modified": "2019-01-17T01:43:05", "id": "FEDORA:4D5AD601FDAC", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-01T01:42:54", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-4.20.5-100.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10322", "CVE-2018-10323", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-16862", "CVE-2018-16880", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-19406", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5391", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701"], "modified": "2019-02-01T01:42:54", "id": "FEDORA:9E3D9606D195", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-12-21T05:54:56", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-4.19.10-200.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10322", "CVE-2018-10323", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14625", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-16862", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-19406", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-20169", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5391"], "modified": "2018-12-21T05:54:56", "id": "FEDORA:250CB6087A80", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-01-22T01:35:57", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-4.19.16-200.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10322", "CVE-2018-10323", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-16862", "CVE-2018-16884", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-19406", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5391", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701"], "modified": "2019-01-22T01:35:57", "id": "FEDORA:6B66A6047312", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-16T01:25:11", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-4.20.8-100.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10322", "CVE-2018-10323", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-16862", "CVE-2018-16880", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-19406", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5391", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222"], "modified": "2019-02-16T01:25:11", "id": "FEDORA:C49D061F375F", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-05T01:55:19", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-4.20.6-100.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10322", "CVE-2018-10323", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-16862", "CVE-2018-16880", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-19406", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5391", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-7308"], "modified": "2019-02-05T01:55:19", "id": "FEDORA:C64AE6007F37", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-26T01:31:43", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-4.20.11-100.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10322", "CVE-2018-10323", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-16862", "CVE-2018-16880", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-19406", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5391", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912"], "modified": "2019-02-26T01:31:43", "id": "FEDORA:41B546014626", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-04-25T23:25:01", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-5.0.9-100.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10322", "CVE-2018-10323", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-16862", "CVE-2018-16880", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-19406", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5391", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-3882", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912", "CVE-2019-8980", "CVE-2019-9500", "CVE-2019-9857"], "modified": "2019-04-25T23:25:01", "id": "FEDORA:B87B460876BA", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-04-13T01:31:54", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-5.0.7-100.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10322", "CVE-2018-10323", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-16862", "CVE-2018-16880", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-19406", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5391", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-3882", "CVE-2019-3887", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912", "CVE-2019-8980", "CVE-2019-9857"], "modified": "2019-04-13T01:31:54", "id": "FEDORA:3266960F0E44", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-03-11T20:20:33", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-4.20.14-100.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10322", "CVE-2018-10323", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-16862", "CVE-2018-16880", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-19406", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5391", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912", "CVE-2019-8980", "CVE-2019-9162", "CVE-2019-9213"], "modified": "2019-03-11T20:20:33", "id": "FEDORA:E93AE6077DCD", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-04-09T01:14:28", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-5.0.6-100.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10322", "CVE-2018-10323", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-16862", "CVE-2018-16880", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-19406", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5391", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-3882", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912", "CVE-2019-8980", "CVE-2019-9857"], "modified": "2019-04-09T01:14:28", "id": "FEDORA:BBFE360460D0", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-07T04:50:38", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-5.0.11-100.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10322", "CVE-2018-10323", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-16862", "CVE-2018-16880", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-19406", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5391", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-3882", "CVE-2019-3900", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912", "CVE-2019-8980", "CVE-2019-9500", "CVE-2019-9503", "CVE-2019-9857"], "modified": "2019-05-07T04:50:38", "id": "FEDORA:E37FD60924F1", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:51", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-05-17T01:19:00", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-5.0.16-100.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10322", "CVE-2018-10323", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-16862", "CVE-2018-16880", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-19406", "CVE-2018-19407", "CVE-2018-19824", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5391", "CVE-2019-11091", "CVE-2019-11884", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-3701", "CVE-2019-3882", "CVE-2019-3900", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912", "CVE-2019-8980", "CVE-2019-9500", "CVE-2019-9503", "CVE-2019-9857"], "modified": "2019-05-17T01:19:00", "id": "FEDORA:1CAC0608E6F2", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:46:50", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-11-27T03:13:40", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.18.19-100.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000405", "CVE-2017-12193", "CVE-2017-15115", "CVE-2017-16532", "CVE-2017-16538", "CVE-2017-16644", "CVE-2017-16647", "CVE-2017-16649", "CVE-2017-16650", "CVE-2017-17448", "CVE-2017-17449", "CVE-2017-17450", "CVE-2017-17558", "CVE-2017-17712", "CVE-2017-17741", "CVE-2017-17852", "CVE-2017-17853", "CVE-2017-17854", "CVE-2017-17855", "CVE-2017-17857", "CVE-2017-17862", "CVE-2017-17863", "CVE-2017-17864", "CVE-2017-18232", "CVE-2017-8824", "CVE-2018-1000004", "CVE-2018-1000026", "CVE-2018-10021", "CVE-2018-10322", "CVE-2018-10323", "CVE-2018-1065", "CVE-2018-10840", "CVE-2018-10853", "CVE-2018-1108", "CVE-2018-1120", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-12633", "CVE-2018-12714", "CVE-2018-12896", "CVE-2018-13053", "CVE-2018-13093", "CVE-2018-13094", "CVE-2018-13095", "CVE-2018-13405", "CVE-2018-14633", "CVE-2018-14678", "CVE-2018-14734", "CVE-2018-15471", "CVE-2018-17182", "CVE-2018-18710", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-5332", "CVE-2018-5333", "CVE-2018-5344", "CVE-2018-5391", "CVE-2018-5750", "CVE-2018-5803", "CVE-2018-7757", "CVE-2018-7995", "CVE-2018-8043"], "modified": "2018-11-27T03:13:40", "id": "FEDORA:B395E6087A9D", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:33:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-21T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-3846-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18710"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310843862", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843862", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3846_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for linux USN-3846-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843862\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-21 07:24:44 +0100 (Fri, 21 Dec 2018)\");\n script_name(\"Ubuntu Update for linux USN-3846-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU18\\.10\");\n\n script_xref(name:\"USN\", value:\"3846-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3846-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-3846-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that an integer overflow vulnerability existed in the\nCDROM driver of the Linux kernel. A local attacker could use this to expose\nsensitive information (kernel memory).\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 18.10.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU18.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.18.0-1005-gcp\", ver:\"4.18.0-1005.6\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.18.0-1006-kvm\", ver:\"4.18.0-1006.6\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.18.0-1007-aws\", ver:\"4.18.0-1007.9\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.18.0-1007-azure\", ver:\"4.18.0-1007.7\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.18.0-1008-raspi2\", ver:\"4.18.0-1008.10\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.18.0-13-generic\", ver:\"4.18.0-13.14\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.18.0-13-generic-lpae\", ver:\"4.18.0-13.14\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.18.0-13-lowlatency\", ver:\"4.18.0-13.14\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.18.0-13-snapdragon\", ver:\"4.18.0-13.14\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.18.0.1007.7\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"4.18.0.1007.8\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"4.18.0.1005.5\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.18.0.13.14\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.18.0.13.14\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.18.0.1005.5\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"4.18.0.1006.6\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.18.0.13.14\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.18.0.1008.5\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.18.0.13.14\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-04T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-tools FEDORA-2018-1621b2204a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18710"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875310", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875310", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_1621b2204a_kernel-tools_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel-tools FEDORA-2018-1621b2204a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875310\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-04 08:24:02 +0100 (Tue, 04 Dec 2018)\");\n script_name(\"Fedora Update for kernel-tools FEDORA-2018-1621b2204a\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2018-1621b2204a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KU5XRIYADUETRBCWTSEF3KWAUEADHMW7\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-tools'\n package(s) announced via the FEDORA-2018-1621b2204a advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel-tools on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.2~200.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-04T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-headers FEDORA-2018-b68776e5b0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18710"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875297", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875297", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_b68776e5b0_kernel-headers_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel-headers FEDORA-2018-b68776e5b0\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875297\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-18710\");\n script_bugtraq_id(106054);\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-04 12:40:42 +0530 (Tue, 04 Dec 2018)\");\n script_name(\"Fedora Update for kernel-headers FEDORA-2018-b68776e5b0\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n script_xref(name:\"FEDORA\", value:\"2018-b68776e5b0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OUYR3P2P2SGSJXNAK67G6HXQOWL3FQ3O\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-headers'\n package(s) announced via the FEDORA-2018-b68776e5b0 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel-headers on Fedora 27.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.18.19~100.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:32:58", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-04T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-tools FEDORA-2018-b68776e5b0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18710"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875302", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875302", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_b68776e5b0_kernel-tools_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel-tools FEDORA-2018-b68776e5b0\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875302\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-04 08:21:48 +0100 (Tue, 04 Dec 2018)\");\n script_name(\"Fedora Update for kernel-tools FEDORA-2018-b68776e5b0\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n script_xref(name:\"FEDORA\", value:\"2018-b68776e5b0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVWIVTOVRV7HWQHY4EAZ3FXDPLJUJRWH\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-tools'\n package(s) announced via the FEDORA-2018-b68776e5b0 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel-tools on Fedora 27.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.18.19~100.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-04T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-headers FEDORA-2018-1621b2204a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18710"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875311", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875311", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_1621b2204a_kernel-headers_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel-headers FEDORA-2018-1621b2204a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875311\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-04 08:24:05 +0100 (Tue, 04 Dec 2018)\");\n script_name(\"Fedora Update for kernel-headers FEDORA-2018-1621b2204a\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2018-1621b2204a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QRZNG52KMLHH6DHD3ZSGXVR5RLL5W3Q\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-headers'\n package(s) announced via the FEDORA-2018-1621b2204a advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel-headers on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.2~200.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:41:13", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1178)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15594", "CVE-2018-18710"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191178", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191178", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1178\");\n script_version(\"2020-01-23T11:33:48+0000\");\n script_cve_id(\"CVE-2018-15594\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:33:48 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:33:48 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1178)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1178\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1178\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1178 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was found that paravirt_patch_call/jump() functions in the arch/x86/kernel/paravirt.c in the Linux kernel mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtualized guests.CVE-2018-15594\n\nAn issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking.CVE-2018-18710\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization 2.5.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~514.44.5.10_109\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~514.44.5.10_109\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~514.44.5.10_109\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~514.44.5.10_109\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~514.44.5.10_109\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~514.44.5.10_109\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:35:54", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1181)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15594", "CVE-2018-18710"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191181", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191181", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1181\");\n script_version(\"2020-01-23T11:33:53+0000\");\n script_cve_id(\"CVE-2018-15594\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:33:53 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:33:53 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1181)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.4\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1181\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1181\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1181 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was found that paravirt_patch_call/jump() functions in the arch/x86/kernel/paravirt.c in the Linux kernel mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtualized guests.CVE-2018-15594\n\nAn issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking.CVE-2018-18710\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization 2.5.4.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.4\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~862.14.1.1_34\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~862.14.1.1_34\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~862.14.1.1_34\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~862.14.1.1_34\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~862.14.1.1_34\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~862.14.1.1_34\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:32:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-87ba0312c2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16862", "CVE-2018-18710", "CVE-2018-19407"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875913", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875913", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875913\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:27:44 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2018-87ba0312c2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2018-87ba0312c2\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4TYHZQB34BOSGG4ILB7AJWUUUYH4TJA\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2018-87ba0312c2 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.5~300.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:38:33", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1373)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10940", "CVE-2018-18710", "CVE-2018-16658"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181373", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181373", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1373\");\n script_version(\"2020-01-23T11:23:42+0000\");\n script_cve_id(\"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:23:42 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:23:42 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1373)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1373\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1373\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2018-1373 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.(CVE-2018-18710)\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization 2.5.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~514.44.5.10_104\", rls:\"EULEROSVIRT-2.5.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~514.44.5.10_104\", rls:\"EULEROSVIRT-2.5.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~514.44.5.10_104\", rls:\"EULEROSVIRT-2.5.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~514.44.5.10_104\", rls:\"EULEROSVIRT-2.5.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~514.44.5.10_104\", rls:\"EULEROSVIRT-2.5.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~514.44.5.10_104\", rls:\"EULEROSVIRT-2.5.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:33:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-21T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-aws USN-3848-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18690", "CVE-2017-18174", "CVE-2018-18710", "CVE-2018-12896"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310843858", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843858", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3848_2.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for linux-aws USN-3848-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843858\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2017-18174\", \"CVE-2018-12896\", \"CVE-2018-18690\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-21 07:23:49 +0100 (Fri, 21 Dec 2018)\");\n script_name(\"Ubuntu Update for linux-aws USN-3848-2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"3848-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3848-2/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-aws'\n package(s) announced via the USN-3848-2 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"USN-3848-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu\n14.04 LTS.\n\nIt was discovered that a double free existed in the AMD GPIO driver in the\nLinux kernel. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2017-18174)\n\nIt was discovered that an integer overrun vulnerability existed in the\nPOSIX timers implementation in the Linux kernel. A local attacker could use\nthis to cause a denial of service. (CVE-2018-12896)\n\nKanda Motohiro discovered that writing extended attributes to an XFS file\nsystem in the Linux kernel in certain situations could cause an error\ncondition to occur. A local attacker could use this to cause a denial of\nservice. (CVE-2018-18690)\n\nIt was discovered that an integer overflow vulnerability existed in the\nCDROM driver of the Linux kernel. A local attacker could use this to expose\nsensitive information (kernel memory). (CVE-2018-18710)\");\n\n script_tag(name:\"affected\", value:\"linux-aws on Ubuntu 14.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1037-aws\", ver:\"4.4.0-1037.40\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-141-generic\", ver:\"4.4.0-141.167~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-141-generic-lpae\", ver:\"4.4.0-141.167~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-141-lowlatency\", ver:\"4.4.0-141.167~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-141-powerpc-e500mc\", ver:\"4.4.0-141.167~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-141-powerpc-smp\", ver:\"4.4.0-141.167~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-141-powerpc64-emb\", ver:\"4.4.0-141.167~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-141-powerpc64-smp\", ver:\"4.4.0-141.167~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.4.0.1037.37\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae-lts-xenial\", ver:\"4.4.0.141.121\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lts-xenial\", ver:\"4.4.0.141.121\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency-lts-xenial\", ver:\"4.4.0.141.121\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc-lts-xenial\", ver:\"4.4.0.141.121\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp-lts-xenial\", ver:\"4.4.0.141.121\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb-lts-xenial\", ver:\"4.4.0.141.121\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp-lts-xenial\", ver:\"4.4.0.141.121\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-21T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-3848-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18690", "CVE-2017-18174", "CVE-2018-18710", "CVE-2018-12896"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310843859", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843859", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3848_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for linux USN-3848-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843859\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2017-18174\", \"CVE-2018-12896\", \"CVE-2018-18690\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-21 07:23:59 +0100 (Fri, 21 Dec 2018)\");\n script_name(\"Ubuntu Update for linux USN-3848-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"3848-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3848-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-3848-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that a double free existed in the AMD GPIO driver in the\nLinux kernel. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2017-18174)\n\nIt was discovered that an integer overrun vulnerability existed in the\nPOSIX timers implementation in the Linux kernel. A local attacker could use\nthis to cause a denial of service. (CVE-2018-12896)\n\nKanda Motohiro discovered that writing extended attributes to an XFS file\nsystem in the Linux kernel in certain situations could cause an error\ncondition to occur. A local attacker could use this to cause a denial of\nservice. (CVE-2018-18690)\n\nIt was discovered that an integer overflow vulnerability existed in the\nCDROM driver of the Linux kernel. A local attacker could use this to expose\nsensitive information (kernel memory). (CVE-2018-18710)\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1039-kvm\", ver:\"4.4.0-1039.45\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1074-aws\", ver:\"4.4.0-1074.84\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1102-raspi2\", ver:\"4.4.0-1102.110\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1106-snapdragon\", ver:\"4.4.0-1106.111\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-141-generic\", ver:\"4.4.0-141.167\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-141-generic-lpae\", ver:\"4.4.0-141.167\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-141-lowlatency\", ver:\"4.4.0-141.167\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-141-powerpc-e500mc\", ver:\"4.4.0-141.167\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-141-powerpc-smp\", ver:\"4.4.0-141.167\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-141-powerpc64-emb\", ver:\"4.4.0-141.167\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-141-powerpc64-smp\", ver:\"4.4.0-141.167\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.4.0.1074.76\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.4.0.141.147\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.4.0.141.147\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"4.4.0.1039.38\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.4.0.141.147\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.4.0.141.147\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.4.0.141.147\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.4.0.141.147\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.4.0.141.147\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.4.0.1102.102\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.4.0.1106.98\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-5904d0794d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19824", "CVE-2018-19406", "CVE-2018-16862", "CVE-2018-18710", "CVE-2018-19407"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875923", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875923", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875923\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\", \"CVE-2018-19406\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:27:52 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2018-5904d0794d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2018-5904d0794d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZV2UTANNOXRVYLJSXU5NX7BZDJWWG47X\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2018-5904d0794d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.7~300.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-2645eb8dab", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19824", "CVE-2018-14625", "CVE-2018-16862", "CVE-2018-18710", "CVE-2018-19407"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876095", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876095", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876095\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\", \"CVE-2018-14625\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:34:22 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2018-2645eb8dab\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2018-2645eb8dab\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JI6NRIDZXZCUSLHKRG3ZBLY5CR36UPQW\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2018-2645eb8dab advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.9~300.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T17:36:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-11-21T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for kernel (openSUSE-SU-2018:3817-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10940", "CVE-2018-18690", "CVE-2018-18710", "CVE-2018-18281", "CVE-2018-18386", "CVE-2018-16658", "CVE-2018-9516"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852140", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852140", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852140\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-18281\", \"CVE-2018-18386\", \"CVE-2018-18690\", \"CVE-2018-18710\",\n \"CVE-2018-9516\", \"CVE-2018-10940\", \"CVE-2018-16658\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-11-21 06:04:01 +0100 (Wed, 21 Nov 2018)\");\n script_name(\"openSUSE: Security Advisory for kernel (openSUSE-SU-2018:3817-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:3817-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-11/msg00028.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the openSUSE-SU-2018:3817-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 42.3 kernel was\n updated to 4.4.162 to receive various security and bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping\n pagetable locks. If a syscall such as ftruncate() removes entries from\n the pagetables of a task that is in the middle of mremap(), a stale TLB\n entry can remain for a short time that permits access to a physical page\n after it has been released back to the page allocator and reused.\n (bnc#1113769).\n\n - CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in\n drivers/cdrom/cdrom.c could be used by local attackers to read kernel\n memory because a cast from unsigned long to int interferes with bounds\n checking. This is similar to CVE-2018-10940 and CVE-2018-16658\n (bnc#1113751).\n\n - CVE-2018-18690: A local attacker able to set attributes on an xfs\n filesystem could make this filesystem non-operational until the next\n mount by triggering an unchecked error condition during an xfs attribute\n change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c\n mishandled ATTR_REPLACE operations with conversion of an attr from short\n to long form (bnc#1105025).\n\n - CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are\n able to access pseudo terminals) to hang/block further usage of any\n pseudo terminal devices due to an EXTPROC versus ICANON confusion in\n TIOCINQ (bnc#1094825).\n\n - CVE-2018-9516: A lack of certain checks in the hid_debug_events_read()\n function in the drivers/hid/hid-debug.c file might have resulted in\n receiving userspace buffer overflow and an out-of-bounds write or to the\n infinite loop. (bnc#1108498).\n\n The following non-security bugs were fixed:\n\n - 6lowpan: iphc: reset mac_header after decompress to fix panic\n (bnc#1012382).\n\n - Add azure kernel description.\n\n - Add bug reference to\n patches.suse/x86-entry-64-use-a-per-cpu-trampoline-stack-fix1.patch\n\n - Add graphviz to buildreq for image conversion\n\n - Add reference to bsc#1104124 to\n patches.fixes/fs-aio-fix-the-increment-of-aio-nr-and-counting-agai.patch\n\n - ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge (bnc#1012382).\n\n - ALSA: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760\n (bnc#1012382).\n\n - apparmor: remove no-op permission check in policy_unpack (git-fixes).\n\n - ARC: build: Get rid of toolchain check (bnc#1012382).\n\n - ARC: clone syscall to setp r25 as thread pointer (bnc#1012382).\n\n - arch/hexagon: fix kernel/dma.c build warning (bnc#1012382).\n\n - arch-symbols: use bash as interpreter since the script uses bashism.\n ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"the on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-pdf\", rpm:\"kernel-docs-pdf~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.4.162~78.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-21T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-aws-hwe USN-3847-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18690", "CVE-2018-14734", "CVE-2018-18710", "CVE-2018-18445", "CVE-2018-16276", "CVE-2018-10902", "CVE-2018-12896"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310843860", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843860", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3847_2.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for linux-aws-hwe USN-3847-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843860\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2018-10902\", \"CVE-2018-12896\", \"CVE-2018-14734\",\n \"CVE-2018-16276\", \"CVE-2018-18445\", \"CVE-2018-18690\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-21 07:24:09 +0100 (Fri, 21 Dec 2018)\");\n script_name(\"Ubuntu Update for linux-aws-hwe USN-3847-2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"3847-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3847-2/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-aws-hwe'\n package(s) announced via the USN-3847-2 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu\n16.04 LTS.\n\nIt was discovered that a race condition existed in the raw MIDI driver for\nthe Linux kernel, leading to a double free vulnerability. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2018-10902)\n\nIt was discovered that an integer overrun vulnerability existed in the\nPOSIX timers implementation in the Linux kernel. A local attacker could use\nthis to cause a denial of service. (CVE-2018-12896)\n\nNoam Rathaus discovered that a use-after-free vulnerability existed in the\nInfiniband implementation in the Linux kernel. An attacker could use this\nto cause a denial of service (system crash). (CVE-2018-14734)\n\nIt was discovered that the YUREX USB device driver for the Linux kernel did\nnot properly restrict user space reads or writes. A physically proximate\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2018-16276)\n\nIt was discovered that the BPF verifier in the Linux kernel did not\ncorrectly compute numeric bounds in some situations. A local attacker could\nuse this to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2018-18445)\n\nKanda Motohiro discovered that writing extended attributes to an XFS file\nsystem in the Linux kernel in certain situations could cause an error\ncondition to occur. A local attacker could use this to cause a denial of\nservice. (CVE-2018-18690)\n\nIt was discovered that an integer overflow vulnerability existed in the\nCDROM driver of the Linux kernel. A local attacker could use this to expose\nsensitive information (kernel memory). (CVE-2018-18710)\");\n\n script_tag(name:\"affected\", value:\"linux-aws-hwe on Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-1026-gcp\", ver:\"4.15.0-1026.27~16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-1031-aws\", ver:\"4.15.0-1031.33~16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-1036-azure\", ver:\"4.15.0-1036.38~16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-43-generic\", ver:\"4.15.0-43.46~16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-43-generic-lpae\", ver:\"4.15.0-43.46~16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-43-lowlatency\", ver:\"4.15.0-43.46~16.04.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-aws-hwe\", ver:\"4.15.0.1031.32\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"4.15.0.1036.41\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"4.15.0.1026.40\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.15.0.43.64\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.15.0.43.64\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1026.40\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.15.0.43.64\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T17:38:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-11-08T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for kernel (openSUSE-SU-2018:3658-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10940", "CVE-2017-16533", "CVE-2018-18710", "CVE-2018-18445", "CVE-2018-18386", "CVE-2018-16658", "CVE-2017-18224"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852108", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852108", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852108\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2017-16533\", \"CVE-2017-18224\", \"CVE-2018-18386\", \"CVE-2018-18445\", \"CVE-2018-18710\", \"CVE-2018-10940\", \"CVE-2018-16658\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-11-08 06:02:00 +0100 (Thu, 08 Nov 2018)\");\n script_name(\"openSUSE: Security Advisory for kernel (openSUSE-SU-2018:3658-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:3658-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-11/msg00001.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the openSUSE-SU-2018:3658-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 15.0 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in\n drivers/cdrom/cdrom.c could be used by local attackers to read kernel\n memory because a cast from unsigned long to int interferes with bounds\n checking. This is similar to CVE-2018-10940 and CVE-2018-16658\n (bnc#1113751).\n\n - CVE-2018-18445: Faulty computation of numeric bounds in the BPF verifier\n permitted out-of-bounds memory accesses because\n adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit\n right shifts (bnc#1112372).\n\n - CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are\n able to access pseudo terminals) to hang/block further usage of any\n pseudo terminal devices due to an EXTPROC versus ICANON confusion in\n TIOCINQ (bnc#1094825).\n\n - CVE-2017-18224: fs/ocfs2/aops.c omitted use of a semaphore and\n consequently has a race condition for access to the extent tree during\n read operations in DIRECT mode, which allowed local users to cause a\n denial of service (BUG) by modifying a certain e_cpos field\n (bnc#1084831).\n\n - CVE-2017-16533: The usbhid_parse function in\n drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of\n service (out-of-bounds read and system crash) or possibly have\n unspecified other impact via a crafted USB device (bnc#1066674).\n\n The following non-security bugs were fixed:\n\n - acpi / processor: Fix the return value of acpi_processor_ids_walk()\n (bsc#1051510).\n\n - aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes).\n\n - alsa: hda: Add 2 more models to the power_save blacklist (bsc#1051510).\n\n - alsa: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905)\n (bsc#1051510).\n\n - alsa: hda - Add quirk for ASUS G751 laptop (bsc#1051510).\n\n - alsa: hda - Fix headphone pin config for ASUS G751 (bsc#1051510).\n\n - alsa: hda: fix unused variable warning (bsc#1051510).\n\n - alsa: hda/realtek - Fix the problem of the front MIC on the Lenovo M715\n (bsc#1051510).\n\n - alsa: usb-audio: update quirk for B&amp W PX to remove microphone\n (bsc#1051510).\n\n - apparmor: Check buffer bounds when mapping permissions mask (git-fixes).\n\n - ASoC: intel: skylake: Add missing break in skl_tplg_get_token()\n (bsc#1051510).\n\n - ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).\n\n - ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).\n\n - ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).\n\n - ASoC: rt5514: Fix the issue of the delay volume applied again\n (bsc#1051510).\n\n - ASoC: ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"the on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel-debuginfo\", rpm:\"kernel-default-devel-debuginfo~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall\", rpm:\"kernel-kvmsmall~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base\", rpm:\"kernel-kvmsmall-base~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base-debuginfo\", rpm:\"kernel-kvmsmall-base-debuginfo~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debuginfo\", rpm:\"kernel-kvmsmall-debuginfo~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debugsource\", rpm:\"kernel-kvmsmall-debugsource~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel\", rpm:\"kernel-kvmsmall-devel~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel-debuginfo\", rpm:\"kernel-kvmsmall-devel-debuginfo~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel-debuginfo\", rpm:\"kernel-vanilla-devel-debuginfo~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.12.14~lp150.12.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-21T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-3847-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18690", "CVE-2018-14734", "CVE-2018-18710", "CVE-2018-18445", "CVE-2018-16276", "CVE-2018-10902", "CVE-2018-12896"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310843856", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843856", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3847_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for linux USN-3847-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843856\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2018-10902\", \"CVE-2018-12896\", \"CVE-2018-14734\",\n \"CVE-2018-16276\", \"CVE-2018-18445\", \"CVE-2018-18690\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-21 07:23:07 +0100 (Fri, 21 Dec 2018)\");\n script_name(\"Ubuntu Update for linux USN-3847-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU18\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"3847-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3847-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-3847-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that a race condition existed in the raw MIDI driver for\nthe Linux kernel, leading to a double free vulnerability. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2018-10902)\n\nIt was discovered that an integer overrun vulnerability existed in the\nPOSIX timers implementation in the Linux kernel. A local attacker could use\nthis to cause a denial of service. (CVE-2018-12896)\n\nNoam Rathaus discovered that a use-after-free vulnerability existed in the\nInfiniband implementation in the Linux kernel. An attacker could use this\nto cause a denial of service (system crash). (CVE-2018-14734)\n\nIt was discovered that the YUREX USB device driver for the Linux kernel did\nnot properly restrict user space reads or writes. A physically proximate\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2018-16276)\n\nIt was discovered that the BPF verifier in the Linux kernel did not\ncorrectly compute numeric bounds in some situations. A local attacker could\nuse this to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2018-18445)\n\nKanda Motohiro discovered that writing extended attributes to an XFS file\nsystem in the Linux kernel in certain situations could cause an error\ncondition to occur. A local attacker could use this to cause a denial of\nservice. (CVE-2018-18690)\n\nIt was discovered that an integer overflow vulnerability existed in the\nCDROM driver of the Linux kernel. A local attacker could use this to expose\nsensitive information (kernel memory). (CVE-2018-18710)\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\n\n Note: According to the USN the package names for this update where changed from e.g.\n linux-image-4.15.0-42-generic to linux-image-4.15.0-43-generic. Due to this please\n make sure to install the kernel package containing the -43- part within its name.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-1026-gcp\", ver:\"4.15.0-1026.27\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-1028-kvm\", ver:\"4.15.0-1028.28\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-1030-oem\", ver:\"4.15.0-1030.35\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-1030-raspi2\", ver:\"4.15.0-1030.32\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-1031-aws\", ver:\"4.15.0-1031.33\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-1036-azure\", ver:\"4.15.0-1036.38\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n # nb: According to USN 3847 the kernel updates have been given a new version number.\n # The package names where changed from e.g. linux-image-4.15.0-42-generic to\n # linux-image-4.15.0-43-generic so we need to check for both here:\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-43-generic\", ver:\"4.15.0-43.46\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-43-generic-lpae\", ver:\"4.15.0-43.46\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-43-lowlatency\", ver:\"4.15.0-43.46\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-43-snapdragon\", ver:\"4.15.0-43.46\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-42-generic\", ver:\"4.15.0-43.46\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-42-generic-lpae\", ver:\"4.15.0-43.46\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-42-lowlatency\", ver:\"4.15.0-43.46\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-42-snapdragon\", ver:\"4.15.0-43.46\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-aws\", ver:\"4.15.0.1031.30\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"4.15.0.1036.36\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-gcp\", ver:\"4.15.0.1026.28\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.15.0.43.45\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.15.0.43.45\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-gke\", ver:\"4.15.0.1026.28\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-kvm\", ver:\"4.15.0.1028.28\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.15.0.43.45\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-oem\", ver:\"4.15.0.1030.35\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.15.0.1030.28\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.15.0.43.45\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-21T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-azure USN-3847-3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18690", "CVE-2018-14734", "CVE-2018-18710", "CVE-2018-18445", "CVE-2018-16276", "CVE-2018-10902", "CVE-2018-12896"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310843861", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843861", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3847_3.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for linux-azure USN-3847-3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843861\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2018-10902\", \"CVE-2018-12896\", \"CVE-2018-14734\",\n \"CVE-2018-16276\", \"CVE-2018-18445\", \"CVE-2018-18690\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-21 07:24:27 +0100 (Fri, 21 Dec 2018)\");\n script_name(\"Ubuntu Update for linux-azure USN-3847-3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"3847-3\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3847-3/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-azure'\n package(s) announced via the USN-3847-3 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04\nLTS. This update provides the corresponding updates for the Linux\nkernel for Microsoft Azure Cloud systems for Ubuntu 14.04 LTS.\n\nIt was discovered that a race condition existed in the raw MIDI driver for\nthe Linux kernel, leading to a double free vulnerability. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2018-10902)\n\nIt was discovered that an integer overrun vulnerability existed in the\nPOSIX timers implementation in the Linux kernel. A local attacker could use\nthis to cause a denial of service. (CVE-2018-12896)\n\nNoam Rathaus discovered that a use-after-free vulnerability existed in the\nInfiniband implementation in the Linux kernel. An attacker could use this\nto cause a denial of service (system crash). (CVE-2018-14734)\n\nIt was discovered that the YUREX USB device driver for the Linux kernel did\nnot properly restrict user space reads or writes. A physically proximate\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2018-16276)\n\nIt was discovered that the BPF verifier in the Linux kernel did not\ncorrectly compute numeric bounds in some situations. A local attacker could\nuse this to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2018-18445)\n\nKanda Motohiro discovered that writing extended attributes to an XFS file\nsystem in the Linux kernel in certain situations could cause an error\ncondition to occur. A local attacker could use this to cause a denial of\nservice. (CVE-2018-18690)\n\nIt was discovered that an integer overflow vulnerability existed in the\nCDROM driver of the Linux kernel. A local attacker could use this to expose\nsensitive information (kernel memory). (CVE-2018-18710)\");\n\n script_tag(name:\"affected\", value:\"linux-azure on Ubuntu 14.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.15.0-1036-azure\", ver:\"4.15.0-1036.38~14.04.2\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-azure\", ver:\"4.15.0.1036.23\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-aabdaa013d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3460", "CVE-2018-19824", "CVE-2018-16862", "CVE-2018-18710", "CVE-2019-3701", "CVE-2019-3459", "CVE-2018-19407", "CVE-2018-16880"], "modified": "2019-05-20T00:00:00", "id": "OPENVAS:1361412562310875946", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875946", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875946\");\n script_version(\"2019-05-20T06:45:30+0000\");\n script_cve_id(\"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-20 06:45:30 +0000 (Mon, 20 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:29:09 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-aabdaa013d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-aabdaa013d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F5IYT2ZAPBSYLJVJRJJ6YH6YFE7XIRPB\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-aabdaa013d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.20.5~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-21T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-3849-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18690", "CVE-2018-14734", "CVE-2018-18710", "CVE-2018-16276", "CVE-2017-2647", "CVE-2018-18386", "CVE-2018-10902", "CVE-2018-12896"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310843857", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843857", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3849_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for linux USN-3849-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843857\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2017-2647\", \"CVE-2018-10902\", \"CVE-2018-12896\", \"CVE-2018-14734\",\n \"CVE-2018-16276\", \"CVE-2018-18386\", \"CVE-2018-18690\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-21 07:23:25 +0100 (Fri, 21 Dec 2018)\");\n script_name(\"Ubuntu Update for linux USN-3849-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"3849-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3849-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the USN-3849-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that a NULL pointer dereference existed in the keyring\nsubsystem of the Linux kernel. A local attacker could use this to cause a\ndenial of service (system crash). (CVE-2017-2647)\n\nIt was discovered that a race condition existed in the raw MIDI driver for\nthe Linux kernel, leading to a double free vulnerability. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2018-10902)\n\nIt was discovered that an integer overrun vulnerability existed in the\nPOSIX timers implementation in the Linux kernel. A local attacker could use\nthis to cause a denial of service. (CVE-2018-12896)\n\nNoam Rathaus discovered that a use-after-free vulnerability existed in the\nInfiniband implementation in the Linux kernel. An attacker could use this\nto cause a denial of service (system crash). (CVE-2018-14734)\n\nIt was discovered that the YUREX USB device driver for the Linux kernel did\nnot properly restrict user space reads or writes. A physically proximate\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2018-16276)\n\nTetsuo Handa discovered a logic error in the TTY subsystem of the Linux\nkernel. A local attacker with access to pseudo terminal devices could use\nthis to cause a denial of service. (CVE-2018-18386)\n\nKanda Motohiro discovered that writing extended attributes to an XFS file\nsystem in the Linux kernel in certain situations could cause an error\ncondition to occur. A local attacker could use this to cause a denial of\nservice. (CVE-2018-18690)\n\nIt was discovered that an integer overflow vulnerability existed in the\nCDROM driver of the Linux kernel. A local attacker could use this to expose\nsensitive information (kernel memory). (CVE-2018-18710)\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 14.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-164-generic\", ver:\"3.13.0-164.214\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-164-generic-lpae\", ver:\"3.13.0-164.214\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-164-lowlatency\", ver:\"3.13.0-164.214\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-164-powerpc-e500\", ver:\"3.13.0-164.214\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-164-powerpc-e500mc\", ver:\"3.13.0-164.214\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-164-powerpc-smp\", ver:\"3.13.0-164.214\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-164-powerpc64-emb\", ver:\"3.13.0-164.214\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-164-powerpc64-smp\", ver:\"3.13.0-164.214\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"3.13.0.164.174\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"3.13.0.164.174\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"3.13.0.164.174\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500\", ver:\"3.13.0.164.174\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"3.13.0.164.174\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"3.13.0.164.174\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"3.13.0.164.174\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"3.13.0.164.174\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-96b31a9602", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3460", "CVE-2018-19824", "CVE-2018-16862", "CVE-2018-18710", "CVE-2019-3701", "CVE-2019-3459", "CVE-2019-7308", "CVE-2018-19407", "CVE-2018-16880"], "modified": "2019-05-20T00:00:00", "id": "OPENVAS:1361412562310875801", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875801", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875801\");\n script_version(\"2019-05-20T06:45:30+0000\");\n script_cve_id(\"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\", \"CVE-2019-7308\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-20 06:45:30 +0000 (Mon, 20 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:21:22 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-96b31a9602\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-96b31a9602\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I46FW633VGVOFMM3OPMFTBOXYGP243AL\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-96b31a9602 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.20.6~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:33:47", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1156)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10940", "CVE-2018-1118", "CVE-2018-5848", "CVE-2018-16862", "CVE-2018-18710", "CVE-2018-16658", "CVE-2019-9213", "CVE-2018-20169", "CVE-2019-5489", "CVE-2018-10902"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191156", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191156", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1156\");\n script_version(\"2020-01-23T11:33:09+0000\");\n script_cve_id(\"CVE-2018-10902\", \"CVE-2018-1118\", \"CVE-2018-16862\", \"CVE-2018-18710\", \"CVE-2018-20169\", \"CVE-2018-5848\", \"CVE-2019-5489\", \"CVE-2019-9213\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:33:09 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:33:09 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1156)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1156\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1156\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1156 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.(CVE-2018-18710)\n\nA flaw was found in mmap in the Linux kernel allowing the process to map a null page. This allows attackers to abuse this mechanism to turn null pointer dereferences into workable exploits.(CVE-2019-9213)\n\nThe Linux kernel does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.(CVE-2018-1118)\n\nIt was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.(CVE-2018-10902)\n\nA flaw was discovered in the Linux kernel's USB subsystem in the __usb_get_extra_descriptor() function in the drivers/usb/core/usb.c which mishandles a size check during the reading of an extra descriptor data. By using a specially crafted USB device which sends a forged extra descriptor, an unprivileged user with physical access to the system can potentially cause a privilege escalation or trigger a system crash or lock up and thus to cause a denial of service (DoS).(CVE-2018-20169)\n\nIn the function wmi_set_ie() in the Linux kernel the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the ie_len argument can cause a buffer overflow and thus a memory corruption leading to a system crash or other or unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.(CVE-2018-5848)\n\nA new software page cache side channel attack scenario was discovered in operating systems that implement the very common 'page cache' caching mechanism. A malicious user/process could use 'in memory' page-cache knowledge to infer access timings to shared memory and gain knowledge which can be used to reduce effectiveness of cryptographic strength by monitoring algorithmic behavior, infer access patterns of memory to determine code paths taken, and exfiltrate data to a blinded attacker through page-granularity acce ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~862.14.0.1.h105.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~862.14.0.1.h105.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~862.14.0.1.h105.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~862.14.0.1.h105.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~862.14.0.1.h105.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~862.14.0.1.h105.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~862.14.0.1.h105.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~862.14.0.1.h105.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~862.14.0.1.h105.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-164946aa7f", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2019-3460", "CVE-2018-19824", "CVE-2018-16862", "CVE-2018-18710", "CVE-2019-7221", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-19407", "CVE-2018-16880"], "modified": "2019-05-20T00:00:00", "id": "OPENVAS:1361412562310875628", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875628", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875628\");\n script_version(\"2019-05-20T06:45:30+0000\");\n script_cve_id(\"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-20 06:45:30 +0000 (Mon, 20 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:13:18 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-164946aa7f\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-164946aa7f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDOXCX3QFVWYXH5CQMGDDE7H6MUG5XGG\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-164946aa7f advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.20.8~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-7bdeed7fc5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2019-3460", "CVE-2018-19824", "CVE-2019-8912", "CVE-2018-16862", "CVE-2018-18710", "CVE-2019-7221", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-19407", "CVE-2018-16880"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875834", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875834", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875834\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:22:54 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-7bdeed7fc5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-7bdeed7fc5\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BHPV6YAVRZGELKIO7LYXJNKRFHMOJJP7\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-7bdeed7fc5 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.20.11~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-87e7046631", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2019-3460", "CVE-2018-19824", "CVE-2019-8980", "CVE-2019-8912", "CVE-2018-16862", "CVE-2018-18710", "CVE-2019-7221", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-3459", "CVE-2019-9213", "CVE-2018-19407", "CVE-2018-16880"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876105", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876105", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876105\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-8980\", \"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\", \"CVE-2019-9213\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:34:38 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-87e7046631\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-87e7046631\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2HINX5DK7FMPRUHW427POVGGTH25RHX3\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-87e7046631 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.20.14~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-7462acf8ba", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2019-3460", "CVE-2018-19824", "CVE-2019-8980", "CVE-2019-8912", "CVE-2018-16862", "CVE-2019-9162", "CVE-2018-18710", "CVE-2019-7221", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-19407", "CVE-2018-16880"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876177", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876177", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876177\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-8980\", \"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\", \"CVE-2019-9162\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:37:57 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-7462acf8ba\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-7462acf8ba\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5V6NQPIGUR73VSTY22YLUKTLEB66AA4U\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-7462acf8ba advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.20.12~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:32:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-be9add5b77", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2019-3460", "CVE-2018-19824", "CVE-2019-8980", "CVE-2019-9857", "CVE-2019-8912", "CVE-2018-16862", "CVE-2018-18710", "CVE-2019-7221", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-19407", "CVE-2018-16880", "CVE-2019-3882"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875629", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875629", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875629\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-3882\", \"CVE-2019-9857\", \"CVE-2019-8980\", \"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:13:29 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-be9add5b77\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-be9add5b77\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PPH3B7FJOMWD5JWUPZKB6T44KNT4PX2L\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-be9add5b77 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.0.6~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:32:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-94dc902948", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2019-3460", "CVE-2019-3887", "CVE-2018-19824", "CVE-2019-8980", "CVE-2019-9857", "CVE-2019-8912", "CVE-2018-16862", "CVE-2018-18710", "CVE-2019-7221", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-19407", "CVE-2018-16880", "CVE-2019-3882"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876049", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876049", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876049\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-3882\", \"CVE-2019-9857\", \"CVE-2019-8980\", \"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\", \"CVE-2019-3887\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:33:00 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-94dc902948\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-94dc902948\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYMWIULFVLIZLQSTPB3O7SQ7GG5E2V2G\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-94dc902948 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.0.7~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-02-03T17:17:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-1e8a4c6958", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2019-3460", "CVE-2018-19824", "CVE-2019-8980", "CVE-2019-9857", "CVE-2019-8912", "CVE-2018-16862", "CVE-2019-9500", "CVE-2018-18710", "CVE-2019-7221", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-19407", "CVE-2018-16880", "CVE-2019-3882"], "modified": "2020-02-03T00:00:00", "id": "OPENVAS:1361412562310875786", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875786", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875786\");\n script_version(\"2020-02-03T08:05:42+0000\");\n script_cve_id(\"CVE-2019-9500\", \"CVE-2019-3882\", \"CVE-2019-9857\", \"CVE-2019-8980\", \"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-03 08:05:42 +0000 (Mon, 03 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:20:26 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-1e8a4c6958\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1e8a4c6958\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AC6QXA5HZRQZCSKQ3DAXVTOUZ7LVWIR7\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-1e8a4c6958 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.0.9~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-03T17:15:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-8219efa9f6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2019-3900", "CVE-2019-3460", "CVE-2018-19824", "CVE-2019-8980", "CVE-2019-9857", "CVE-2019-8912", "CVE-2018-16862", "CVE-2019-9500", "CVE-2018-18710", "CVE-2019-9503", "CVE-2019-7221", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-19407", "CVE-2018-16880", "CVE-2019-3882"], "modified": "2020-02-03T00:00:00", "id": "OPENVAS:1361412562310875681", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875681", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875681\");\n script_version(\"2020-02-03T08:05:42+0000\");\n script_cve_id(\"CVE-2019-3900\", \"CVE-2019-9503\", \"CVE-2019-9500\", \"CVE-2019-3882\", \"CVE-2019-9857\", \"CVE-2019-8980\", \"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-03 08:05:42 +0000 (Mon, 03 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:15:39 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-8219efa9f6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-8219efa9f6\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYTZH6QCNITK7353S6RCRT2PQHZSDPXD\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-8219efa9f6 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.0.10~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:38:42", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1587)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10882", "CVE-2019-7222", "CVE-2018-12126", "CVE-2018-10940", "CVE-2019-3460", "CVE-2018-9568", "CVE-2019-11190", "CVE-2018-12127", "CVE-2018-18710", "CVE-2018-1000204", "CVE-2018-16884", "CVE-2019-3459", "CVE-2018-16658", "CVE-2019-9213", "CVE-2018-9516", "CVE-2019-11091", "CVE-2018-19985", "CVE-2018-12130", "CVE-2018-20511"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191587", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191587", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1587\");\n script_version(\"2020-01-23T12:16:07+0000\");\n script_cve_id(\"CVE-2018-1000204\", \"CVE-2018-10882\", \"CVE-2018-12126\", \"CVE-2018-12127\", \"CVE-2018-12130\", \"CVE-2018-16884\", \"CVE-2018-18710\", \"CVE-2018-19985\", \"CVE-2018-20511\", \"CVE-2018-9516\", \"CVE-2018-9568\", \"CVE-2019-11091\", \"CVE-2019-11190\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-7222\", \"CVE-2019-9213\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:16:07 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:16:07 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1587)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1587\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1587\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1587 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A malformed SG_IO ioctl issued for a SCSI device in the Linux kernel leads to a local kernel data leak manifesting in up to approximately 1000 memory pages copied to the userspace. The problem has limited scope as non-privileged users usually have no permissions to access SCSI device files.(CVE-2018-1000204)\n\nA flaw in the load_elf_binary() function in the Linux kernel allows a local attacker to leak the base address of .text and stack sections for setuid binaries and bypass ASLR because install_exec_creds() is called too late in this function.(CVE-2019-11190)\n\nA flaw was found in the Linux kernel in the hid_debug_events_read() function in the drivers/hid/hid-debug.c file. A lack of the certain checks may allow a privileged user ('root') to achieve an out-of-bounds write and thus receiving user space buffer corruption.(CVE-2018-9516)\n\nA flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.(CVE-2018-16884)\n\nAn issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.(CVE-2018-18710)\n\nA flaw was found in the Linux kernel in the function hso_probe() which reads if_num value from the USB device (as an u8) and uses it without a length check to index an array, resulting in an OOB memory read in hso_probe() or hso_get_config_data(). An attacker with a forged USB device and physical access to a system (needed to connect such a device) can cause a system crash and a denial of service.(CVE-2018-19985)\n\nA possible memory corruption due to a type confusion was found in the Linux kernel in the sk_clone_lock() function in the net/core/sock.c. The possibility of local escalation of privileges cannot be fully ruled out for a local unprivileged attacker.(CVE-2018-9568)\n\nA flaw was found in the Linux kernels implementation of Logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack. An attacker with physical access within the range of standard Bluetooth transmission can create a specially crafted packet. The response to this specially crafted packet can contain part of the kernel stack which can be used ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~514.44.5.10.h193\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~514.44.5.10.h193\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~514.44.5.10.h193\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~514.44.5.10.h193\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~514.44.5.10.h193\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~514.44.5.10.h193\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~514.44.5.10.h193\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~514.44.5.10.h193\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~514.44.5.10.h193\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-05T16:39:31", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1471)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3122", "CVE-2013-4345", "CVE-2014-0155", "CVE-2015-4176", "CVE-2015-3332", "CVE-2018-11232", "CVE-2018-10675", "CVE-2014-4014", "CVE-2016-2184", "CVE-2018-18710", "CVE-2017-18218", "CVE-2017-14340", "CVE-2016-2545", "CVE-2013-7421", "CVE-2017-5669", "CVE-2017-18360", "CVE-2016-2546", "CVE-2017-16531", "CVE-2018-7480", "CVE-2013-2889"], "modified": "2020-02-05T00:00:00", "id": "OPENVAS:1361412562311220191471", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191471", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1471\");\n script_version(\"2020-02-05T08:56:28+0000\");\n script_cve_id(\"CVE-2013-2889\", \"CVE-2013-4345\", \"CVE-2013-7421\", \"CVE-2014-0155\", \"CVE-2014-3122\", \"CVE-2014-4014\", \"CVE-2015-3332\", \"CVE-2015-4176\", \"CVE-2016-2184\", \"CVE-2016-2545\", \"CVE-2016-2546\", \"CVE-2017-14340\", \"CVE-2017-16531\", \"CVE-2017-18218\", \"CVE-2017-18360\", \"CVE-2017-5669\", \"CVE-2018-10675\", \"CVE-2018-11232\", \"CVE-2018-18710\", \"CVE-2018-7480\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-05 08:56:28 +0000 (Wed, 05 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:48:49 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1471)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1471\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1471\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1471 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.(CVE-2013-2889)\n\nThe capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the setgid bit on a file with group ownership of root.(CVE-2014-4014)\n\nThe function drivers/usb/core/config.c in the Linux kernel, allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device, related to the USB_DT_INTERFACE_ASSOCIATION descriptor.(CVE-2017-16531)\n\nThe snd_timer_interrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to cause a denial of service (race condition and system crash) via a crafted ioctl call.(CVE-2016-2545)\n\nA flaw was found in the Linux kernel where the deletion of a file or directory could trigger an unmount and reveal data under a mount point. This flaw was inadvertently introduced with the new feature of being able to lazily unmount a mount tree when using file system user namespaces.(CVE-2015-4176)\n\nThe do_shmat function in ipc/shm.c in the Linux kernel, through 4.9.12, does not restrict the address calculated by a certain rounding operation. This allows privileged local users to map page zero and, consequently, bypass a protection mechanism that exists for the mmap system call. This is possible by making crafted shmget and shmat system calls in a privileged context.(CVE-2017-5669)\n\nIn drivers/net/ethernet/hisilicon/hns/hns_enet.c in the Linux kernel, before 4.13, local users can cause a denial of service (use-after-free and BUG) or possibly have unspecified other impact by leveraging differences in skb handling between hns_nic_net_xmit_hw and hns_nic_net_xmit.(CVE-2017-18218)\n\nThe ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial of service (host OS crash) via a crafted entry in the redirection table of an I/O APIC. NOTE: the affected code was moved to the ioapic_service function before the vulnerability was announced.(CVE-2014-0155)\n\nA flaw was found in the way the Linux kernel's Cr ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:33:34", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1512)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5333", "CVE-2018-19824", "CVE-2017-7518", "CVE-2016-10741", "CVE-2018-5344", "CVE-2018-6927", "CVE-2018-7757", "CVE-2018-16862", "CVE-2018-8781", "CVE-2018-5391", "CVE-2018-18710", "CVE-2018-18281", "CVE-2018-5332", "CVE-2018-18559", "CVE-2019-3701", "CVE-2018-17972", "CVE-2017-18360", "CVE-2019-9213", "CVE-2018-5750", "CVE-2019-5489"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191512", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191512", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1512\");\n script_version(\"2020-01-23T12:00:28+0000\");\n script_cve_id(\"CVE-2016-10741\", \"CVE-2017-18360\", \"CVE-2017-7518\", \"CVE-2018-16862\", \"CVE-2018-17972\", \"CVE-2018-18281\", \"CVE-2018-18559\", \"CVE-2018-18710\", \"CVE-2018-19824\", \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2018-5344\", \"CVE-2018-5391\", \"CVE-2018-5750\", \"CVE-2018-6927\", \"CVE-2018-7757\", \"CVE-2018-8781\", \"CVE-2019-3701\", \"CVE-2019-5489\", \"CVE-2019-9213\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:00:28 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:00:28 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1512)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1512\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1512\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1512 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In the Linux kernel through 4.14.13, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size() function in 'net/rds/rdma.c') and thus to a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.(CVE-2018-5332)\n\nIn the Linux kernel through 4.14.13, the rds_cmsg_atomic() function in 'net/rds/rdma.c' mishandles cases where page pinning fails or an invalid address is supplied by a user. This can lead to a NULL pointer dereference in rds_atomic_free_op() and thus to a system panic.(CVE-2018-5333)\n\nA flaw was found in the Linux kernel's handling of loopback devices. An attacker, who has permissions to setup loopback disks, may create a denial of service or other unspecified actions.(CVE-2018-5344)\n\nThe acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.(CVE-2018-5750)\n\nThe futex_requeue function in kernel/futex.c in the Linux kernel, before 4.14.15, might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impacts by triggering a negative wake or requeue value. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.(CVE-2018-6927)\n\nMemory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel allows local users to cause a denial of service (kernel memory exhaustion) via multiple read accesses to files in the /sys/class/sas_phy directory.(CVE-2018-7757)\n\nA an integer overflow vulnerability was discovered in the Linux kernel, from version 3.4 through 4.15, in the drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() function. An attacker with access to the udldrmfb driver could exploit this to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.(CVE-2018-8781)\n\nA flaw was found in the way the Linux KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.(CVE-2017-7518)\n\nA division-by-zero in set_termios(), when debugging is enabled, was found in the Linux kernel. When the [io_ti] driver is l ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~862.14.1.6_42\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~862.14.1.6_42\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~862.14.1.6_42\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~862.14.1.6_42\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~862.14.1.6_42\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~862.14.1.6_42\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~862.14.1.6_42\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~862.14.1.6_42\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-02-03T17:08:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-16T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-e6bf55e821", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2018-12126", "CVE-2019-3900", "CVE-2019-3460", "CVE-2018-19824", "CVE-2019-8980", "CVE-2019-9857", "CVE-2019-8912", "CVE-2018-12127", "CVE-2018-16862", "CVE-2019-11884", "CVE-2019-9500", "CVE-2018-18710", "CVE-2019-9503", "CVE-2019-7221", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-19407", "CVE-2018-16880", "CVE-2019-11091", "CVE-2019-3882", "CVE-2018-12130"], "modified": "2020-02-03T00:00:00", "id": "OPENVAS:1361412562310876361", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876361", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876361\");\n script_version(\"2020-02-03T08:05:42+0000\");\n script_cve_id(\"CVE-2018-12126\", \"CVE-2018-12127\", \"CVE-2018-12130\", \"CVE-2019-11091\", \"CVE-2019-11884\", \"CVE-2019-3900\", \"CVE-2019-9503\", \"CVE-2019-9500\", \"CVE-2019-3882\", \"CVE-2019-9857\", \"CVE-2019-8980\", \"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-03 08:05:42 +0000 (Mon, 03 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-05-16 02:13:21 +0000 (Thu, 16 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-e6bf55e821\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-e6bf55e821\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JLGUIVEF7FAI4UBRC535PO4MX7AGAYRU\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-e6bf55e821 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.0.16~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-03T17:18:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-26T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-8169b57f28", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2018-12126", "CVE-2019-3900", "CVE-2019-3460", "CVE-2018-19824", "CVE-2019-8980", "CVE-2019-9857", "CVE-2019-8912", "CVE-2018-12127", "CVE-2018-16862", "CVE-2019-11884", "CVE-2019-9500", "CVE-2018-18710", "CVE-2019-9503", "CVE-2019-7221", "CVE-2019-3701", "CVE-2019-10142", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-19407", "CVE-2018-16880", "CVE-2019-11091", "CVE-2019-3882", "CVE-2018-12130"], "modified": "2020-02-03T00:00:00", "id": "OPENVAS:1361412562310876423", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876423", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876423\");\n script_version(\"2020-02-03T08:05:42+0000\");\n script_cve_id(\"CVE-2018-12126\", \"CVE-2018-12127\", \"CVE-2018-12130\", \"CVE-2019-11091\", \"CVE-2019-11884\", \"CVE-2019-3900\", \"CVE-2019-9503\", \"CVE-2019-9500\", \"CVE-2019-3882\", \"CVE-2019-9857\", \"CVE-2019-8980\", \"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\", \"CVE-2019-10142\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-03 08:05:42 +0000 (Mon, 03 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-05-26 02:12:30 +0000 (Sun, 26 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-8169b57f28\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-8169b57f28\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AXS5UYMDASRNQ4TNWENSHWB2UHCWLH5E\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-8169b57f28 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.0.17~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-29T19:30:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-03-27T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for linux (DLA-1731-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2017-5753", "CVE-2018-13053", "CVE-2018-19824", "CVE-2018-18690", "CVE-2016-10741", "CVE-2018-5848", "CVE-2018-5953", "CVE-2018-16862", "CVE-2017-13305", "CVE-2018-18710", "CVE-2018-18281", "CVE-2019-7221", "CVE-2018-16884", "CVE-2019-3701", "CVE-2018-17972", "CVE-2019-6974", "CVE-2019-9213", "CVE-2018-20169", "CVE-2018-3639", "CVE-2019-3819", "CVE-2018-19985", "CVE-2018-12896", "CVE-2018-20511"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891731", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891731", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891731\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2016-10741\", \"CVE-2017-13305\", \"CVE-2017-5753\", \"CVE-2018-12896\", \"CVE-2018-13053\", \"CVE-2018-16862\", \"CVE-2018-16884\", \"CVE-2018-17972\", \"CVE-2018-18281\", \"CVE-2018-18690\", \"CVE-2018-18710\", \"CVE-2018-19824\", \"CVE-2018-19985\", \"CVE-2018-20169\", \"CVE-2018-20511\", \"CVE-2018-3639\", \"CVE-2018-5848\", \"CVE-2018-5953\", \"CVE-2019-3701\", \"CVE-2019-3819\", \"CVE-2019-6974\", \"CVE-2019-7221\", \"CVE-2019-7222\", \"CVE-2019-9213\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-03-27 23:00:00 +0100 (Wed, 27 Mar 2019)\");\n script_name(\"Debian LTS: Security Advisory for linux (DLA-1731-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1731-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the DLA-1731-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2016-10741\n\nA race condition was discovered in XFS that would result in a\ncrash (BUG). A local user permitted to write to an XFS volume\ncould use this for denial of service.\n\nCVE-2017-5753\n\nFurther instances of code that was vulnerable to Spectre variant 1\n(bounds-check bypass) have been mitigated.\n\nCVE-2017-13305\n\nA memory over-read was discovered in the keys subsystem's\nencrypted key type. A local user could use this for denial of\nservice or possibly to read sensitive information.\n\nCVE-2018-3639 (SSB)\n\nMultiple researchers have discovered that Speculative Store Bypass\n(SSB), a feature implemented in many processors, could be used to\nread sensitive information from another context. In particular,\ncode in a software sandbox may be able to read sensitive\ninformation from outside the sandbox. This issue is also known as\nSpectre variant 4.\n\nThis update fixes bugs in the mitigations for SSB for AMD\nprocessors.\n\nCVE-2018-5848\n\nThe wil6210 wifi driver did not properly validate lengths in scan\nand connection requests, leading to a possible buffer overflow.\nOn systems using this driver, a local user with the CAP_NET_ADMIN\ncapability could use this for denial of service (memory corruption\nor crash) or potentially for privilege escalation.\n\nCVE-2018-5953\n\nThe swiotlb subsystem printed kernel memory addresses to the\nsystem log, which could help a local attacker to exploit other\nvulnerabilities.\n\nCVE-2018-12896, CVE-2018-13053\n\nTeam OWL337 reported possible integer overflows in the POSIX\ntimer implementation. These might have some security impact.\n\nCVE-2018-16862\n\nVasily Averin and Pavel Tikhomirov from Virtuozzo Kernel Team\ndiscovered that the cleancache memory management feature did not\ninvalidate cached data for deleted files. On Xen guests using the\ntmem driver, local users could potentially read data from other\nusers' deleted files if they were able to create new files on the\nsame volume.\n\nCVE-2018-16884\n\nA flaw was found in the NFS 4.1 client implementation. Mounting\nNFS shares in multiple network namespaces at the same time could\nlead to a user-after-free. Local users might be able to use this\nfor denial of service (memory corruption or crash) or possibly\nfor privilege escalation.\n\nThis can be mitigated by disabling unprivileged users from\ncreating user namespaces, which is the default in Debian.\n\nCVE-2018-17972\n\nJann Horn reported that the /proc/*/stack files in procfs leaked\nsensitive data from the kernel. These files are now only readable\nby users with the CAP_SYS_AD ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'linux' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n3.16.64-1.\n\nWe recommend that you upgrade your linux packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-arm\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-x86\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.9-x86\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-doc-3.16\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-586\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-686-pae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armel\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armhf\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-i386\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp-lpae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-common\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-ixp4xx\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-kirkwood\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-orion5x\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-versatile\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-586\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-686-pae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-all\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-all-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-all-armel\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-all-armhf\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-all-i386\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-armmp\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-armmp-lpae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-common\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-ixp4xx\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-kirkwood\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-orion5x\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-5-versatile\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-6-586\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-6-686-pae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-6-all\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-6-all-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-6-all-armel\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-6-all-armhf\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-6-all-i386\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-6-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-6-armmp\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-6-armmp-lpae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-6-common\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-6-ixp4xx\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-6-kirkwood\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-6-orion5x\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-6-versatile\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-7-586\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-7-686-pae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-7-all\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-7-all-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-7-all-armel\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-7-all-armhf\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-7-all-i386\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-7-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-7-armmp\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-7-armmp-lpae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-7-common\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-7-ixp4xx\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-7-kirkwood\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-7-orion5x\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-7-versatile\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-8-586\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-8-686-pae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-8-all\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-8-all-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-8-all-armel\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-8-all-armhf\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-8-all-i386\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-8-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-8-armmp\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-8-armmp-lpae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-8-common\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-8-ixp4xx\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-8-kirkwood\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-8-orion5x\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-3.16.0-8-versatile\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-586\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae-dbg\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64-dbg\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp-lpae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-ixp4xx\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-kirkwood\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-orion5x\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-versatile\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-586\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-686-pae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-686-pae-dbg\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-amd64-dbg\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-armmp\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-armmp-lpae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-ixp4xx\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-kirkwood\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-orion5x\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-5-versatile\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-6-586\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-6-686-pae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-6-686-pae-dbg\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-6-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-6-amd64-dbg\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-6-armmp\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-6-armmp-lpae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-6-ixp4xx\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-6-kirkwood\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-6-orion5x\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-6-versatile\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-7-586\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-7-686-pae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-7-686-pae-dbg\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-7-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-7-amd64-dbg\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-7-armmp\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-7-armmp-lpae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-7-ixp4xx\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-7-kirkwood\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-7-orion5x\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-7-versatile\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-8-586\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-8-686-pae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-8-686-pae-dbg\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-8-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-8-amd64-dbg\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-8-armmp\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-8-armmp-lpae\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-8-ixp4xx\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-8-kirkwood\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-8-orion5x\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-3.16.0-8-versatile\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-manual-3.16\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-source-3.16\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-3.16.0-4\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-3.16.0-6\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-3.16.0-7\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-3.16.0-8\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.16.0-4-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.16.0-5-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.16.0-6-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.16.0-7-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"xen-linux-system-3.16.0-8-amd64\", ver:\"3.16.64-1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-03T17:09:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-06-05T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-48b34fc991", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2018-12126", "CVE-2019-3900", "CVE-2019-3460", "CVE-2018-19824", "CVE-2019-8980", "CVE-2019-9857", "CVE-2019-8912", "CVE-2018-12127", "CVE-2018-16862", "CVE-2019-11884", "CVE-2019-9500", "CVE-2018-18710", "CVE-2019-11833", "CVE-2019-9503", "CVE-2019-7221", "CVE-2019-3701", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-19407", "CVE-2018-16880", "CVE-2019-11091", "CVE-2019-3882", "CVE-2018-12130"], "modified": "2020-02-03T00:00:00", "id": "OPENVAS:1361412562310876445", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876445", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876445\");\n script_version(\"2020-02-03T08:05:42+0000\");\n script_cve_id(\"CVE-2019-11833\", \"CVE-2018-12126\", \"CVE-2018-12127\", \"CVE-2018-12130\", \"CVE-2019-11091\", \"CVE-2019-11884\", \"CVE-2019-3900\", \"CVE-2019-9503\", \"CVE-2019-9500\", \"CVE-2019-3882\", \"CVE-2019-9857\", \"CVE-2019-8980\", \"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-03 08:05:42 +0000 (Mon, 03 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-05 02:17:23 +0000 (Wed, 05 Jun 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-48b34fc991\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-48b34fc991\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DTCIC2APGWYXPGC5D3KITFOWDQWOCBNG\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-48b34fc991 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.0.19~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-29T19:29:15", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2017-18249\n\n A race condition was discovered in the disk space allocator of\n F2FS. A user with access to an F2FS volume could use this to cause\n a denial of service or other security impact.\n\nCVE-2018-1128, CVE-2018-1129\n\n The cephx authentication protocol used by Ceph was susceptible to\n replay attacks, and calculated signatures incorrectly. These\n vulnerabilities in the server required changes to authentication\n that are incompatible with existing clients. The kernel", "cvss3": {}, "published": "2019-03-19T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for linux-4.9 (DLA-1715-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13053", "CVE-2018-14610", "CVE-2018-13096", "CVE-2018-18690", "CVE-2018-13100", "CVE-2018-13406", "CVE-2017-18249", "CVE-2018-5848", "CVE-2018-16862", "CVE-2018-5391", "CVE-2018-18710", "CVE-2018-18281", "CVE-2018-14614", "CVE-2018-15471", "CVE-2018-17972", "CVE-2018-14612", "CVE-2018-14611", "CVE-2018-19407", "CVE-2018-13097", "CVE-2018-1129", "CVE-2018-3639", "CVE-2018-1128", "CVE-2018-12896", "CVE-2018-14616", "CVE-2018-6554", "CVE-2018-14613"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891715", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891715", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891715\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-18249\", \"CVE-2018-1128\", \"CVE-2018-1129\", \"CVE-2018-12896\", \"CVE-2018-13053\",\n \"CVE-2018-13096\", \"CVE-2018-13097\", \"CVE-2018-13100\", \"CVE-2018-13406\", \"CVE-2018-14610\",\n \"CVE-2018-14611\", \"CVE-2018-14612\", \"CVE-2018-14613\", \"CVE-2018-14614\", \"CVE-2018-14616\",\n \"CVE-2018-15471\", \"CVE-2018-16862\", \"CVE-2018-17972\", \"CVE-2018-18281\", \"CVE-2018-18690\",\n \"CVE-2018-18710\", \"CVE-2018-19407\", \"CVE-2018-3639\", \"CVE-2018-5391\", \"CVE-2018-5848\",\n \"CVE-2018-6554\");\n script_name(\"Debian LTS: Security Advisory for linux-4.9 (DLA-1715-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-03-19 00:00:00 +0100 (Tue, 19 Mar 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"linux-4.9 on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n4.9.144-3.1~deb8u1. This version also includes fixes for Debian bugs\n#890034, #896911, #907581, #915229, #915231 and other fixes\nincluded in upstream stable updates.\n\nWe recommend that you upgrade your linux-4.9 packages.\");\n\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2017-18249\n\n A race condition was discovered in the disk space allocator of\n F2FS. A user with access to an F2FS volume could use this to cause\n a denial of service or other security impact.\n\nCVE-2018-1128, CVE-2018-1129\n\n The cephx authentication protocol used by Ceph was susceptible to\n replay attacks, and calculated signatures incorrectly. These\n vulnerabilities in the server required changes to authentication\n that are incompatible with existing clients. The kernel's client\n code has now been updated to be compatible with the fixed server.\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.9-arm\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-doc-4.9\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.7-686\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.7-686-pae\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.7-all\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.7-all-amd64\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.7-all-armel\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.7-all-armhf\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.7-all-i386\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.7-amd64\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.7-armmp\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.7-armmp-lpae\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.7-common\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.7-common-rt\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.7-marvell\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.7-rt-686-pae\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.7-rt-amd64\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.8-686\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.8-686-pae\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.8-all\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.8-all-amd64\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.8-all-armel\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.8-all-armhf\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.8-all-i386\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.8-amd64\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.8-armmp\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.8-armmp-lpae\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.8-common\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.8-common-rt\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.8-marvell\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.8-rt-686-pae\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-0.bpo.8-rt-amd64\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.7-686\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.7-686-pae\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.7-686-pae-dbg\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.7-amd64\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.7-amd64-dbg\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.7-armmp\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.7-armmp-lpae\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.7-marvell\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.7-rt-686-pae\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.7-rt-686-pae-dbg\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.7-rt-amd64\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.7-rt-amd64-dbg\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.8-686\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.8-686-pae\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.8-686-pae-dbg\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.8-amd64\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.8-amd64-dbg\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.8-armmp\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.8-armmp-lpae\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.8-marvell\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.8-rt-686-pae\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.8-rt-686-pae-dbg\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.8-rt-amd64\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-0.bpo.8-rt-amd64-dbg\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-kbuild-4.9\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-manual-4.9\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-perf-4.9\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-source-4.9\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.9.0-0.bpo.7\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.9.0-0.bpo.8\", ver:\"4.9.144-3.1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:32:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-04T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-1621b2204a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13053", "CVE-2018-1108", "CVE-2018-12633", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-10853", "CVE-2018-13093", "CVE-2018-17182", "CVE-2018-14734", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2018-18710", "CVE-2018-3620", "CVE-2018-10322", "CVE-2018-15471", "CVE-2018-10323", "CVE-2018-14678", "CVE-2018-14633", "CVE-2018-3639", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875303", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875303", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_1621b2204a_kernel_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-1621b2204a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875303\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-18710\", \"CVE-2018-14633\", \"CVE-2018-17182\", \"CVE-2018-5391\", \"CVE-2018-15471\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\", \"CVE-2018-14678\", \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-1108\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-04 08:21:51 +0100 (Tue, 04 Dec 2018)\");\n script_name(\"Fedora Update for kernel FEDORA-2018-1621b2204a\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2018-1621b2204a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVAY6QRMWP7MBPHLJXJ5HXKW3RPAQRVH\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2018-1621b2204a advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.2~200.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-04T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-3857a8b41a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13053", "CVE-2018-1108", "CVE-2018-12633", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-10853", "CVE-2018-13093", "CVE-2018-17182", "CVE-2018-14734", "CVE-2018-16862", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2018-18710", "CVE-2018-3620", "CVE-2018-10322", "CVE-2018-15471", "CVE-2018-10323", "CVE-2018-14678", "CVE-2018-19407", "CVE-2018-14633", "CVE-2018-3639", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875330", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875330", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_3857a8b41a_kernel_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-3857a8b41a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875330\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\", \"CVE-2018-14633\", \"CVE-2018-17182\", \"CVE-2018-5391\", \"CVE-2018-15471\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\", \"CVE-2018-14678\", \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-1108\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-04 08:32:40 +0100 (Tue, 04 Dec 2018)\");\n script_name(\"Fedora Update for kernel FEDORA-2018-3857a8b41a\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2018-3857a8b41a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YSCWWL6626SRLHRZJNXZLAISRNHTJR4J\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2018-3857a8b41a advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.5~200.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-01-15T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-337484d88b", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13053", "CVE-2018-1108", "CVE-2018-12633", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2018-19824", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-19406", "CVE-2018-10853", "CVE-2018-13093", "CVE-2018-17182", "CVE-2018-14734", "CVE-2018-16862", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2018-18710", "CVE-2018-3620", "CVE-2018-10322", "CVE-2018-15471", "CVE-2019-3701", "CVE-2018-10323", "CVE-2018-14678", "CVE-2018-19407", "CVE-2018-14633", "CVE-2018-3639", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875407", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875407", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2019_337484d88b_kernel_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2019-337484d88b\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875407\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2019-3701\", \"CVE-2018-19406\", \"CVE-2018-19824\", \"CVE-2018-16862\",\n \"CVE-2018-19407\", \"CVE-2018-18710\", \"CVE-2018-14633\", \"CVE-2018-17182\",\n \"CVE-2018-5391\", \"CVE-2018-15471\", \"CVE-2018-3620\", \"CVE-2018-3646\",\n \"CVE-2018-14734\", \"CVE-2018-14678\", \"CVE-2018-13405\", \"CVE-2018-13053\",\n \"CVE-2018-12896\", \"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-13095\",\n \"CVE-2018-12714\", \"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\",\n \"CVE-2018-11506\", \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\",\n \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-1108\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-01-15 04:01:50 +0100 (Tue, 15 Jan 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-337484d88b\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-337484d88b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJRL623P7QRAYKXU4R4VN5KJRJQXCD47\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'kernel' package(s) announced via the FEDORA-2019-337484d88b advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present\n on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.14~200.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-13T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-a0914af224", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13053", "CVE-2018-1108", "CVE-2018-12633", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2018-19824", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-19406", "CVE-2018-10853", "CVE-2018-13093", "CVE-2018-17182", "CVE-2018-14734", "CVE-2018-16862", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2018-18710", "CVE-2018-3620", "CVE-2018-10322", "CVE-2018-15471", "CVE-2018-10323", "CVE-2018-14678", "CVE-2018-19407", "CVE-2018-14633", "CVE-2018-3639", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875349", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875349", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_a0914af224_kernel_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-a0914af224\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875349\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-19406\", \"CVE-2018-19824\", \"CVE-2018-16862\",\n \"CVE-2018-19407\", \"CVE-2018-18710\", \"CVE-2018-14633\", \"CVE-2018-17182\",\n \"CVE-2018-5391\", \"CVE-2018-15471\", \"CVE-2018-3620\", \"CVE-2018-3646\",\n \"CVE-2018-14734\", \"CVE-2018-14678\", \"CVE-2018-13405\", \"CVE-2018-13053\",\n \"CVE-2018-12896\", \"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-13095\",\n \"CVE-2018-12714\", \"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\",\n \"CVE-2018-11506\", \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\",\n \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-1108\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-13 08:01:19 +0100 (Thu, 13 Dec 2018)\");\n script_name(\"Fedora Update for kernel FEDORA-2018-a0914af224\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2018-a0914af224\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7FILAKYG4JAYWCAPPYUVJFDR3OVOPLQI\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2018-a0914af224 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.7~200.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:13", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-01-17T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-509c133845", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13053", "CVE-2018-1108", "CVE-2018-12633", "CVE-2019-3460", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2018-19824", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-19406", "CVE-2018-10853", "CVE-2018-13093", "CVE-2018-17182", "CVE-2018-14734", "CVE-2018-16862", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2018-18710", "CVE-2018-3620", "CVE-2018-10322", "CVE-2018-15471", "CVE-2019-3701", "CVE-2018-10323", "CVE-2019-3459", "CVE-2018-14678", "CVE-2018-19407", "CVE-2018-14633", "CVE-2018-3639", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-04-16T00:00:00", "id": "OPENVAS:1361412562310875414", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875414", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2019-509c133845\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875414\");\n script_version(\"2019-04-16T07:10:04+0000\");\n script_cve_id(\"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19406\",\n \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\",\n \"CVE-2018-14633\", \"CVE-2018-17182\", \"CVE-2018-5391\", \"CVE-2018-15471\",\n \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\", \"CVE-2018-14678\",\n \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\",\n \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\",\n \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\",\n \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\",\n \"CVE-2018-1108\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-04-16 07:10:04 +0000 (Tue, 16 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-01-17 04:01:59 +0100 (Thu, 17 Jan 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-509c133845\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-509c133845\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3MWPCZGGWBG4PHRSTT6JAYP63RLWU67\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'kernel' package(s) announced via the FEDORA-2019-509c133845 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present\n on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.15~200.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:13", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-01-22T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-20a89ca9af", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13053", "CVE-2018-1108", "CVE-2018-12633", "CVE-2019-3460", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2018-19824", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-19406", "CVE-2018-10853", "CVE-2018-13093", "CVE-2018-17182", "CVE-2018-14734", "CVE-2018-16862", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2018-18710", "CVE-2018-3620", "CVE-2018-16884", "CVE-2018-10322", "CVE-2018-15471", "CVE-2019-3701", "CVE-2018-10323", "CVE-2019-3459", "CVE-2018-14678", "CVE-2018-19407", "CVE-2018-14633", "CVE-2018-3639", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-04-16T00:00:00", "id": "OPENVAS:1361412562310875423", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875423", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2019-20a89ca9af\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875423\");\n script_version(\"2019-04-16T07:10:04+0000\");\n script_cve_id(\"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19406\",\n \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\",\n \"CVE-2018-14633\", \"CVE-2018-17182\", \"CVE-2018-5391\", \"CVE-2018-15471\",\n \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\", \"CVE-2018-14678\",\n \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\",\n \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\",\n \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\",\n \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\",\n \"CVE-2018-1108\", \"CVE-2018-16884\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-04-16 07:10:04 +0000 (Tue, 16 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-01-22 04:04:48 +0100 (Tue, 22 Jan 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-20a89ca9af\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-20a89ca9af\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WW5ANGQFOX5S5JHHACLD5TR3CQ7REMJR\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'kernel' package(s) announced via the FEDORA-2019-20a89ca9af advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present\n on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.16~200.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:17", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-02-02T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-4002b91800", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13053", "CVE-2018-1108", "CVE-2018-12633", "CVE-2019-3460", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2018-19824", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-19406", "CVE-2018-10853", "CVE-2018-13093", "CVE-2018-17182", "CVE-2018-14734", "CVE-2018-16862", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2018-18710", "CVE-2018-3620", "CVE-2018-10322", "CVE-2018-15471", "CVE-2019-3701", "CVE-2018-10323", "CVE-2019-3459", "CVE-2018-14678", "CVE-2018-19407", "CVE-2018-14633", "CVE-2018-16880", "CVE-2018-3639", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-04-16T00:00:00", "id": "OPENVAS:1361412562310875438", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875438", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2019-4002b91800\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875438\");\n script_version(\"2019-04-16T07:10:04+0000\");\n script_cve_id(\"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\",\n \"CVE-2018-19406\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\",\n \"CVE-2018-18710\", \"CVE-2018-14633\", \"CVE-2018-17182\", \"CVE-2018-5391\",\n \"CVE-2018-15471\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\",\n \"CVE-2018-14678\", \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\",\n \"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\",\n \"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\",\n \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\",\n \"CVE-2018-10323\", \"CVE-2018-1108\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-04-16 07:10:04 +0000 (Tue, 16 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-02 04:06:41 +0100 (Sat, 02 Feb 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-4002b91800\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-4002b91800\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/USE4PETBIFWP3WSVJSMU5Y44MP6GPVPQ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'kernel' package(s) announced via the FEDORA-2019-4002b91800 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present\n on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.20.5~100.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-21T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-6e8c330d50", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13053", "CVE-2018-1108", "CVE-2018-12633", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2018-19824", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-19406", "CVE-2018-10853", "CVE-2018-13093", "CVE-2018-17182", "CVE-2018-14734", "CVE-2018-14625", "CVE-2018-16862", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2018-18710", "CVE-2018-3620", "CVE-2018-10322", "CVE-2018-15471", "CVE-2018-10323", "CVE-2018-14678", "CVE-2018-19407", "CVE-2018-14633", "CVE-2018-20169", "CVE-2018-3639", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875369", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875369", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id$\n#\n# Fedora Update for kernel FEDORA-2018-6e8c330d50\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875369\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-19406\", \"CVE-2018-19824\", \"CVE-2018-16862\",\n \"CVE-2018-19407\", \"CVE-2018-18710\", \"CVE-2018-14633\", \"CVE-2018-17182\",\n \"CVE-2018-5391\", \"CVE-2018-15471\", \"CVE-2018-3620\", \"CVE-2018-3646\",\n \"CVE-2018-14734\", \"CVE-2018-14678\", \"CVE-2018-13405\", \"CVE-2018-13053\",\n \"CVE-2018-12896\", \"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-13095\",\n \"CVE-2018-12714\", \"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\",\n \"CVE-2018-11506\", \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\",\n \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-1108\", \"CVE-2018-14625\",\n \"CVE-2018-20169\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-21 07:55:44 +0100 (Fri, 21 Dec 2018)\");\n script_name(\"Fedora Update for kernel FEDORA-2018-6e8c330d50\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2018-6e8c330d50\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DYHM2QYFANUFBT6LM2CPW6M7PHBT4XAD\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2018-6e8c330d50 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.10~200.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:15", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-02-05T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-7d3500d712", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13053", "CVE-2018-1108", "CVE-2018-12633", "CVE-2019-3460", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2018-19824", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-19406", "CVE-2018-10853", "CVE-2018-13093", "CVE-2018-17182", "CVE-2018-14734", "CVE-2018-16862", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2018-18710", "CVE-2018-3620", "CVE-2018-10322", "CVE-2018-15471", "CVE-2019-3701", "CVE-2018-10323", "CVE-2019-3459", "CVE-2018-14678", "CVE-2019-7308", "CVE-2018-19407", "CVE-2018-14633", "CVE-2018-16880", "CVE-2018-3639", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-04-16T00:00:00", "id": "OPENVAS:1361412562310875443", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875443", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2019-7d3500d712\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875443\");\n script_version(\"2019-04-16T07:10:04+0000\");\n script_cve_id(\"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\",\n \"CVE-2018-19406\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\",\n \"CVE-2018-18710\", \"CVE-2018-14633\", \"CVE-2018-17182\", \"CVE-2018-5391\",\n \"CVE-2018-15471\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\",\n \"CVE-2018-14678\", \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\",\n \"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\",\n \"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\",\n \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\",\n \"CVE-2018-10323\", \"CVE-2018-1108\", \"CVE-2019-7308\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-04-16 07:10:04 +0000 (Tue, 16 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-05 04:08:23 +0100 (Tue, 05 Feb 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-7d3500d712\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-7d3500d712\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DBBZRTW2W5P5HETBWDB7JPFB6ZSWZHO2\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'kernel' package(s) announced via the FEDORA-2019-7d3500d712 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.20.6~100.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:14", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-3da64f3e61", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2018-13053", "CVE-2018-1108", "CVE-2018-12633", "CVE-2019-3460", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2018-19824", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-19406", "CVE-2018-10853", "CVE-2018-13093", "CVE-2018-17182", "CVE-2018-14734", "CVE-2018-16862", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2018-18710", "CVE-2018-3620", "CVE-2019-7221", "CVE-2018-10322", "CVE-2018-15471", "CVE-2019-3701", "CVE-2018-10323", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-14678", "CVE-2018-19407", "CVE-2018-14633", "CVE-2018-16880", "CVE-2018-3639", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-04-16T00:00:00", "id": "OPENVAS:1361412562310875459", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875459", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875459\");\n script_version(\"2019-04-16T07:10:04+0000\");\n script_cve_id(\"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\",\n \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19406\",\n \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\",\n \"CVE-2018-14633\", \"CVE-2018-17182\", \"CVE-2018-5391\", \"CVE-2018-15471\",\n \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\", \"CVE-2018-14678\",\n \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\",\n \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\",\n \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\",\n \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\",\n \"CVE-2018-1108\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-04-16 07:10:04 +0000 (Tue, 16 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-16 04:07:22 +0100 (Sat, 16 Feb 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-3da64f3e61\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3da64f3e61\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y2HMABEMJDPA6LPCBE5WIEZXUKY7DLTN\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'kernel' package(s) announced via the FEDORA-2019-3da64f3e61 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.20.8~100.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-02-26T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-16de0047d4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2018-13053", "CVE-2018-1108", "CVE-2018-12633", "CVE-2019-3460", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2018-19824", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-19406", "CVE-2018-10853", "CVE-2018-13093", "CVE-2018-17182", "CVE-2019-8912", "CVE-2018-14734", "CVE-2018-16862", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2018-18710", "CVE-2018-3620", "CVE-2019-7221", "CVE-2018-10322", "CVE-2018-15471", "CVE-2019-3701", "CVE-2018-10323", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-14678", "CVE-2018-19407", "CVE-2018-14633", "CVE-2018-16880", "CVE-2018-3639", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-04-16T00:00:00", "id": "OPENVAS:1361412562310875476", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875476", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875476\");\n script_version(\"2019-04-16T07:10:04+0000\");\n script_cve_id(\"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\",\n \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\",\n \"CVE-2018-19406\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\",\n \"CVE-2018-18710\", \"CVE-2018-14633\", \"CVE-2018-17182\", \"CVE-2018-5391\",\n \"CVE-2018-15471\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\",\n \"CVE-2018-14678\", \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\",\n \"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\",\n \"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\",\n \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\",\n \"CVE-2018-10323\", \"CVE-2018-1108\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-04-16 07:10:04 +0000 (Tue, 16 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-26 04:15:41 +0100 (Tue, 26 Feb 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-16de0047d4\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-16de0047d4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJZWLIM4HAUGDND3ZHY2DQZGX4Y3SOLY\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-16de0047d4 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.20.11~100.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:11", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-04-17T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-ce2933b003", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2018-13053", "CVE-2018-1108", "CVE-2018-12633", "CVE-2019-3460", "CVE-2019-3887", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2018-19824", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-19406", "CVE-2018-10853", "CVE-2019-8980", "CVE-2019-9857", "CVE-2018-13093", "CVE-2018-17182", "CVE-2019-8912", "CVE-2018-14734", "CVE-2018-16862", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2018-18710", "CVE-2018-3620", "CVE-2019-7221", "CVE-2018-10322", "CVE-2018-15471", "CVE-2019-3701", "CVE-2018-10323", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-14678", "CVE-2018-19407", "CVE-2018-14633", "CVE-2018-16880", "CVE-2018-3639", "CVE-2019-3882", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-04-19T00:00:00", "id": "OPENVAS:1361412562310875566", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875566", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875566\");\n script_version(\"2019-04-19T05:29:08+0000\");\n script_cve_id(\"CVE-2019-3882\", \"CVE-2019-9857\", \"CVE-2019-8980\", \"CVE-2019-8912\",\n \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\",\n \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19406\",\n \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\",\n \"CVE-2018-14633\", \"CVE-2018-17182\", \"CVE-2018-5391\", \"CVE-2018-15471\",\n \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\", \"CVE-2018-14678\",\n \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\",\n \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\",\n \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\",\n \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\",\n \"CVE-2018-1108\", \"CVE-2019-3887\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-04-19 05:29:08 +0000 (Fri, 19 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-17 02:11:41 +0000 (Wed, 17 Apr 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-ce2933b003\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-ce2933b003\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/URA4E6PUR6HLD2KUVOF5NNDAR7YUTO26\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'kernel' package(s) announced via the FEDORA-2019-ce2933b003 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.0.7~100.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-04-29T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-1b986880ea", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2018-13053", "CVE-2018-1108", "CVE-2018-12633", "CVE-2019-3460", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2018-19824", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-19406", "CVE-2018-10853", "CVE-2019-8980", "CVE-2019-9857", "CVE-2018-13093", "CVE-2018-17182", "CVE-2019-8912", "CVE-2018-14734", "CVE-2018-16862", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2019-9500", "CVE-2018-18710", "CVE-2018-3620", "CVE-2019-7221", "CVE-2018-10322", "CVE-2018-15471", "CVE-2019-3701", "CVE-2018-10323", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-14678", "CVE-2018-19407", "CVE-2018-14633", "CVE-2018-16880", "CVE-2018-3639", "CVE-2019-3882", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-04-30T00:00:00", "id": "OPENVAS:1361412562310875577", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875577", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875577\");\n script_version(\"2019-04-30T06:40:08+0000\");\n script_cve_id(\"CVE-2019-9500\", \"CVE-2019-3882\", \"CVE-2019-9857\", \"CVE-2019-8980\", \"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19406\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\", \"CVE-2018-14633\", \"CVE-2018-17182\", \"CVE-2018-5391\", \"CVE-2018-15471\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\", \"CVE-2018-14678\", \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-1108\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-04-30 06:40:08 +0000 (Tue, 30 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-29 02:12:19 +0000 (Mon, 29 Apr 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-1b986880ea\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-1b986880ea\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GZPZFJALW3NA4HGWNR4X2C3CWXDIWG3M\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-1b986880ea advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.0.9~100.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-03-12T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-196ab64d65", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2018-13053", "CVE-2018-1108", "CVE-2018-12633", "CVE-2019-3460", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2018-19824", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-19406", "CVE-2018-10853", "CVE-2019-8980", "CVE-2018-13093", "CVE-2018-17182", "CVE-2019-8912", "CVE-2018-14734", "CVE-2018-16862", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2019-9162", "CVE-2018-18710", "CVE-2018-3620", "CVE-2019-7221", "CVE-2018-10322", "CVE-2018-15471", "CVE-2019-3701", "CVE-2018-10323", "CVE-2019-6974", "CVE-2019-3459", "CVE-2019-9213", "CVE-2018-14678", "CVE-2018-19407", "CVE-2018-14633", "CVE-2018-16880", "CVE-2018-3639", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-04-16T00:00:00", "id": "OPENVAS:1361412562310875506", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875506", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875506\");\n script_version(\"2019-04-16T07:10:04+0000\");\n script_cve_id(\"CVE-2019-8980\", \"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19406\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\", \"CVE-2018-14633\", \"CVE-2018-17182\", \"CVE-2018-5391\", \"CVE-2018-15471\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\", \"CVE-2018-14678\", \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-1108\", \"CVE-2019-9162\", \"CVE-2019-9213\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-04-16 07:10:04 +0000 (Tue, 16 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-03-12 04:12:28 +0100 (Tue, 12 Mar 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-196ab64d65\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-196ab64d65\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YHY2JYWF6TLQZKNODGRXDHOGVYDUZAHP\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-196ab64d65 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.20.14~100.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:17", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-04-09T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-65c6d11eba", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2018-13053", "CVE-2018-1108", "CVE-2018-12633", "CVE-2019-3460", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2018-19824", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-19406", "CVE-2018-10853", "CVE-2019-8980", "CVE-2019-9857", "CVE-2018-13093", "CVE-2018-17182", "CVE-2019-8912", "CVE-2018-14734", "CVE-2018-16862", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2018-18710", "CVE-2018-3620", "CVE-2019-7221", "CVE-2018-10322", "CVE-2018-15471", "CVE-2019-3701", "CVE-2018-10323", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-14678", "CVE-2018-19407", "CVE-2018-14633", "CVE-2018-16880", "CVE-2018-3639", "CVE-2019-3882", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-04-12T00:00:00", "id": "OPENVAS:1361412562310875559", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875559", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875559\");\n script_version(\"2019-04-12T12:30:40+0000\");\n script_cve_id(\"CVE-2019-3882\", \"CVE-2019-9857\", \"CVE-2019-8980\", \"CVE-2019-8912\",\n \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\",\n \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19406\",\n \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\",\n \"CVE-2018-14633\", \"CVE-2018-17182\", \"CVE-2018-5391\", \"CVE-2018-15471\",\n \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\", \"CVE-2018-14678\",\n \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\",\n \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\",\n \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\",\n \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\",\n \"CVE-2018-1108\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-04-12 12:30:40 +0000 (Fri, 12 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-09 02:08:21 +0000 (Tue, 09 Apr 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-65c6d11eba\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-65c6d11eba\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L2CCTWJO62IXCZREMJLQCQN55W7UN44B\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'kernel' package(s) announced via the FEDORA-2019-65c6d11eba advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.0.6~100.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-08T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-a6cd583a8d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2018-13053", "CVE-2018-1108", "CVE-2019-3900", "CVE-2018-12633", "CVE-2019-3460", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2018-19824", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-19406", "CVE-2018-10853", "CVE-2019-8980", "CVE-2019-9857", "CVE-2018-13093", "CVE-2018-17182", "CVE-2019-8912", "CVE-2018-14734", "CVE-2018-16862", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2019-9500", "CVE-2018-18710", "CVE-2019-9503", "CVE-2018-3620", "CVE-2019-7221", "CVE-2018-10322", "CVE-2018-15471", "CVE-2019-3701", "CVE-2018-10323", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-14678", "CVE-2018-19407", "CVE-2018-14633", "CVE-2018-16880", "CVE-2018-3639", "CVE-2019-3882", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-05-17T00:00:00", "id": "OPENVAS:1361412562310876322", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876322", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876322\");\n script_version(\"2019-05-17T10:04:07+0000\");\n script_cve_id(\"CVE-2019-3900\", \"CVE-2019-9503\", \"CVE-2019-9500\", \"CVE-2019-3882\", \"CVE-2019-9857\", \"CVE-2019-8980\", \"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19406\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\", \"CVE-2018-14633\", \"CVE-2018-17182\", \"CVE-2018-5391\", \"CVE-2018-15471\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\", \"CVE-2018-14678\", \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-1108\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:04:07 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-08 02:10:09 +0000 (Wed, 08 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-a6cd583a8d\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-a6cd583a8d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RI3WXXM5URTZSR3RVEKO6MDXDFIKTZ5R\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-a6cd583a8d advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.0.11~100.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-17T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2019-c36afa818c", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2018-13053", "CVE-2018-1108", "CVE-2018-12126", "CVE-2019-3900", "CVE-2018-12633", "CVE-2019-3460", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2018-19824", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2018-19406", "CVE-2018-10853", "CVE-2019-8980", "CVE-2019-9857", "CVE-2018-13093", "CVE-2018-17182", "CVE-2019-8912", "CVE-2018-14734", "CVE-2018-12127", "CVE-2018-16862", "CVE-2019-11884", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2019-9500", "CVE-2018-18710", "CVE-2019-9503", "CVE-2018-3620", "CVE-2019-7221", "CVE-2018-10322", "CVE-2018-15471", "CVE-2019-3701", "CVE-2018-10323", "CVE-2019-6974", "CVE-2019-3459", "CVE-2018-14678", "CVE-2018-19407", "CVE-2018-14633", "CVE-2018-16880", "CVE-2018-3639", "CVE-2019-11091", "CVE-2019-3882", "CVE-2018-12896", "CVE-2018-12130", "CVE-2018-13094"], "modified": "2019-05-17T00:00:00", "id": "OPENVAS:1361412562310876377", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876377", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876377\");\n script_version(\"2019-05-17T10:04:07+0000\");\n script_cve_id(\"CVE-2018-12126\", \"CVE-2018-12127\", \"CVE-2018-12130\", \"CVE-2019-11091\", \"CVE-2019-11884\", \"CVE-2019-3900\", \"CVE-2019-9503\", \"CVE-2019-9500\", \"CVE-2019-3882\", \"CVE-2019-9857\", \"CVE-2019-8980\", \"CVE-2019-8912\", \"CVE-2019-7221\", \"CVE-2019-6974\", \"CVE-2019-7222\", \"CVE-2018-16880\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-3701\", \"CVE-2018-19406\", \"CVE-2018-19824\", \"CVE-2018-16862\", \"CVE-2018-19407\", \"CVE-2018-18710\", \"CVE-2018-14633\", \"CVE-2018-17182\", \"CVE-2018-5391\", \"CVE-2018-15471\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\", \"CVE-2018-14678\", \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-1108\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-05-17 10:04:07 +0000 (Fri, 17 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-17 02:12:30 +0000 (Fri, 17 May 2019)\");\n script_name(\"Fedora Update for kernel FEDORA-2019-c36afa818c\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-c36afa818c\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPWHQHNM2MSGO3FDJVIQXQNKYVR7TV45\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2019-c36afa818c advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel meta package\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~5.0.16~100.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-12-04T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-b68776e5b0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10021", "CVE-2018-8043", "CVE-2017-17863", "CVE-2018-13053", "CVE-2017-17450", "CVE-2018-1108", "CVE-2017-17558", "CVE-2018-12633", "CVE-2018-1000004", "CVE-2018-5333", "CVE-2017-17741", "CVE-2018-10840", "CVE-2018-13405", "CVE-2018-13095", "CVE-2017-12193", "CVE-2017-17862", "CVE-2018-12714", "CVE-2018-11506", "CVE-2018-12232", "CVE-2017-17852", "CVE-2018-10853", "CVE-2017-16532", "CVE-2017-16649", "CVE-2018-5344", "CVE-2017-17854", "CVE-2018-13093", "CVE-2017-17853", "CVE-2018-17182", "CVE-2018-7757", "CVE-2017-15115", "CVE-2018-14734", "CVE-2017-17712", "CVE-2017-8824", "CVE-2017-17448", "CVE-2018-3646", "CVE-2018-1120", "CVE-2018-5391", "CVE-2018-1065", "CVE-2017-18232", "CVE-2018-18710", "CVE-2017-16647", "CVE-2018-5332", "CVE-2018-3620", "CVE-2017-17449", "CVE-2018-10322", "CVE-2018-15471", "CVE-2017-16650", "CVE-2018-10323", "CVE-2018-7995", "CVE-2018-14678", "CVE-2018-5750", "CVE-2017-16538", "CVE-2017-17855", "CVE-2018-14633", "CVE-2017-17857", "CVE-2017-16644", "CVE-2017-17864", "CVE-2018-5803", "CVE-2017-1000405", "CVE-2018-1000026", "CVE-2018-3639", "CVE-2017-17856", "CVE-2018-12896", "CVE-2018-13094"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875334", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875334", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_b68776e5b0_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-b68776e5b0\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875334\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-18710\", \"CVE-2018-14633\", \"CVE-2018-17182\", \"CVE-2018-5391\", \"CVE-2018-15471\", \"CVE-2018-3620\", \"CVE-2018-3646\", \"CVE-2018-14734\", \"CVE-2018-14678\", \"CVE-2018-13405\", \"CVE-2018-13053\", \"CVE-2018-12896\", \"CVE-2018-13093\", \"CVE-2018-13094\", \"CVE-2018-13095\", \"CVE-2018-12714\", \"CVE-2018-12633\", \"CVE-2018-12232\", \"CVE-2018-10853\", \"CVE-2018-11506\", \"CVE-2018-10840\", \"CVE-2018-3639\", \"CVE-2018-1120\", \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-1108\", \"CVE-2018-10021\", \"CVE-2017-18232\", \"CVE-2018-7995\", \"CVE-2018-8043\", \"CVE-2018-7757\", \"CVE-2018-5803\", \"CVE-2018-1065\", \"CVE-2018-1000026\", \"CVE-2018-5750\", \"CVE-2018-1000004\", \"CVE-2018-5344\", \"CVE-2018-5332\", \"CVE-2018-5333\", \"CVE-2017-17862\", \"CVE-2017-17863\", \"CVE-2017-17864\", \"CVE-2017-17852\", \"CVE-2017-17853\", \"CVE-2017-17854\", \"CVE-2017-17855\", \"CVE-2017-17856\", \"CVE-2017-17857\", \"CVE-2017-17741\", \"CVE-2017-17712\", \"CVE-2017-17449\", \"CVE-2017-17450\", \"CVE-2017-17448\", \"CVE-2017-17558\", \"CVE-2017-8824\", \"CVE-2017-1000405\", \"CVE-2017-16649\", \"CVE-2017-16650\", \"CVE-2017-16644\", \"CVE-2017-16647\", \"CVE-2017-15115\", \"CVE-2017-16532\", \"CVE-2017-16538\", \"CVE-2017-12193\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-12-04 08:34:37 +0100 (Tue, 04 Dec 2018)\");\n script_name(\"Fedora Update for kernel FEDORA-2018-b68776e5b0\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n script_xref(name:\"FEDORA\", value:\"2018-b68776e5b0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2OZHJB75FAIL6GZIEXPM735EW43TAV37\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the FEDORA-2018-b68776e5b0 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel on Fedora 27.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.18.19~100.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-27T18:40:37", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2353)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15219", "CVE-2017-7472", "CVE-2019-14815", "CVE-2019-15098", "CVE-2016-2384", "CVE-2016-2782", "CVE-2018-3693", "CVE-2017-14051", "CVE-2019-15218", "CVE-2017-7261", "CVE-2019-14816", "CVE-2015-3332", "CVE-2017-13216", "CVE-2017-18595", "CVE-2018-10880", "CVE-2019-15217", "CVE-2019-0136", "CVE-2019-17666", "CVE-2019-14284", "CVE-2019-15807", "CVE-2016-3689", "CVE-2019-15216", "CVE-2019-15505", "CVE-2019-12378", "CVE-2019-17055", "CVE-2016-3139", "CVE-2015-9289", "CVE-2019-15118", "CVE-2017-18551", "CVE-2016-2186", "CVE-2019-13648", "CVE-2019-17054", "CVE-2014-1446", "CVE-2016-2187", "CVE-2018-10675", "CVE-2019-13631", "CVE-2019-15220", "CVE-2016-4569", "CVE-2016-7425", "CVE-2017-13305", "CVE-2017-1000379", "CVE-2016-2184", "CVE-2019-17075", "CVE-2019-15927", "CVE-2017-18232", "CVE-2019-10140", "CVE-2019-12381", "CVE-2018-18710", "CVE-2019-12379", "CVE-2019-14835", "CVE-2019-15213", "CVE-2019-9503", "CVE-2015-1350", "CVE-2019-15212", "CVE-2019-12456", "CVE-2019-15221", "CVE-2018-10322", "CVE-2018-20856", "CVE-2019-12818", "CVE-2018-17972", "CVE-2019-10142", "CVE-2016-3138", "CVE-2018-10323", "CVE-2019-15292", "CVE-2016-3140", "CVE-2019-17052", "CVE-2018-20976", "CVE-2017-18509", "CVE-2016-4578", "CVE-2015-8816", "CVE-2019-15214", "CVE-2016-2185", "CVE-2018-9518", "CVE-2018-10087", "CVE-2019-16232", "CVE-2019-14821", "CVE-2019-3846", "CVE-2018-10124", "CVE-2019-2101", "CVE-2019-15916", "CVE-2016-4580", "CVE-2017-11089", "CVE-2019-15926", "CVE-2019-14814", "CVE-2018-6412", "CVE-2017-13167", "CVE-2019-15291", "CVE-2019-3882", "CVE-2019-17053", "CVE-2019-1125", "CVE-2018-12896", "CVE-2019-17133", "CVE-2019-16413", "CVE-2018-20511", "CVE-2019-17056", "CVE-2019-14283"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192353", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192353", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2353\");\n script_version(\"2020-01-23T14:09:13+0000\");\n script_cve_id(\"CVE-2014-1446\", \"CVE-2015-1350\", \"CVE-2015-3332\", \"CVE-2015-8816\", \"CVE-2015-9289\", \"CVE-2016-2184\", \"CVE-2016-2185\", \"CVE-2016-2186\", \"CVE-2016-2187\", \"CVE-2016-2384\", \"CVE-2016-2782\", \"CVE-2016-3138\", \"CVE-2016-3139\", \"CVE-2016-3140\", \"CVE-2016-3689\", \"CVE-2016-4569\", \"CVE-2016-4578\", \"CVE-2016-4580\", \"CVE-2016-7425\", \"CVE-2017-1000379\", \"CVE-2017-11089\", \"CVE-2017-13167\", \"CVE-2017-13216\", \"CVE-2017-13305\", \"CVE-2017-14051\", \"CVE-2017-18232\", \"CVE-2017-18509\", \"CVE-2017-18551\", \"CVE-2017-18595\", \"CVE-2017-7261\", \"CVE-2017-7472\", \"CVE-2018-10087\", \"CVE-2018-10124\", \"CVE-2018-10322\", \"CVE-2018-10323\", \"CVE-2018-10675\", \"CVE-2018-10880\", \"CVE-2018-12896\", \"CVE-2018-17972\", \"CVE-2018-18710\", \"CVE-2018-20511\", \"CVE-2018-20856\", \"CVE-2018-20976\", \"CVE-2018-3693\", \"CVE-2018-6412\", \"CVE-2018-9518\", \"CVE-2019-0136\", \"CVE-2019-10140\", \"CVE-2019-10142\", \"CVE-2019-1125\", \"CVE-2019-12378\", \"CVE-2019-12379\", \"CVE-2019-12381\", \"CVE-2019-12456\", \"CVE-2019-12818\", \"CVE-2019-13631\", \"CVE-2019-13648\", \"CVE-2019-14283\", \"CVE-2019-14284\", \"CVE-2019-14814\", \"CVE-2019-14815\", \"CVE-2019-14816\", \"CVE-2019-14821\", \"CVE-2019-14835\", \"CVE-2019-15098\", \"CVE-2019-15118\", \"CVE-2019-15212\", \"CVE-2019-15213\", \"CVE-2019-15214\", \"CVE-2019-15216\", \"CVE-2019-15217\", \"CVE-2019-15218\", \"CVE-2019-15219\", \"CVE-2019-15220\", \"CVE-2019-15221\", \"CVE-2019-15291\", \"CVE-2019-15292\", \"CVE-2019-15505\", \"CVE-2019-15807\", \"CVE-2019-15916\", \"CVE-2019-15926\", \"CVE-2019-15927\", \"CVE-2019-16232\", \"CVE-2019-16413\", \"CVE-2019-17052\", \"CVE-2019-17053\", \"CVE-2019-17054\", \"CVE-2019-17055\", \"CVE-2019-17056\", \"CVE-2019-17075\", \"CVE-2019-17133\", \"CVE-2019-17666\", \"CVE-2019-2101\", \"CVE-2019-3846\", \"CVE-2019-3882\", \"CVE-2019-9503\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 14:09:13 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:47:59 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-2353)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2353\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2353\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-2353 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The yam_ioctl function in drivers et/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG ioctl call.(CVE-2014-1446)\n\nThe VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.(CVE-2015-1350)\n\nA certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable-tcp-fast-open URL when using certain 3.10.x through 3.16.x kernel builds, including longterm-maintenance releases and ckt (aka Canonical Kernel Team) builds.(CVE-2015-3332)\n\nThe hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.(CVE-2015-8816)\n\nIn the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23.(CVE-2015-9289)\n\nThe create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.(CVE-2016-2184)\n\nThe ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.(CVE-2016-2185)\n\nThe powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~327.62.59.83.h195\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:34:22", "description": "An issue was discovered in the Linux kernel through 4.19. An information\nleak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by\nlocal attackers to read kernel memory because a cast from unsigned long to\nint interferes with bounds checking. This is similar to CVE-2018-10940 and\nCVE-2018-16658.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-29T00:00:00", "type": "ubuntucve", "title": "CVE-2018-18710", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-18710"], "modified": "2018-10-29T00:00:00", "id": "UB:CVE-2018-18710", "href": "https://ubuntu.com/security/CVE-2018-18710", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2021-08-19T12:29:51", "description": "It was discovered that an integer overflow vulnerability existed in the CDROM driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-12-21T00:00:00", "type": "nessus", "title": "Ubuntu 18.10 : Linux kernel vulnerability (USN-3846-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18710"], "modified": "2020-09-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "cpe:/o:canonical:ubuntu_linux:18.10"], "id": "UBUNTU_USN-3846-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119826", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3846-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119826);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2018-18710\");\n script_xref(name:\"USN\", value:\"3846-1\");\n\n script_name(english:\"Ubuntu 18.10 : Linux kernel vulnerability (USN-3846-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that an integer overflow vulnerability existed in\nthe CDROM driver of the Linux kernel. A local attacker could use this\nto expose sensitive information (kernel memory).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3846-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.18-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2020 Canonical, Inc. / NASL script (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-18710\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3846-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-4.18.0-1005-gcp\", pkgver:\"4.18.0-1005.6\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-4.18.0-1006-kvm\", pkgver:\"4.18.0-1006.6\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-4.18.0-1007-aws\", pkgver:\"4.18.0-1007.9\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-4.18.0-1007-azure\", pkgver:\"4.18.0-1007.7\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-4.18.0-1008-raspi2\", pkgver:\"4.18.0-1008.10\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-4.18.0-13-generic\", pkgver:\"4.18.0-13.14\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-4.18.0-13-generic-lpae\", pkgver:\"4.18.0-13.14\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-4.18.0-13-lowlatency\", pkgver:\"4.18.0-13.14\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-4.18.0-13-snapdragon\", pkgver:\"4.18.0-13.14\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-aws\", pkgver:\"4.18.0.1007.7\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-azure\", pkgver:\"4.18.0.1007.8\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-gcp\", pkgver:\"4.18.0.1005.5\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-generic\", pkgver:\"4.18.0.13.14\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.18.0.13.14\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-gke\", pkgver:\"4.18.0.1005.5\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-kvm\", pkgver:\"4.18.0.1006.6\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.18.0.13.14\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-raspi2\", pkgver:\"4.18.0.1008.5\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"linux-image-snapdragon\", pkgver:\"4.18.0.13.14\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.18-aws / linux-image-4.18-azure / etc\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:29:26", "description": "This is a rebase to the v4.19.x kernel and includes new features and bug fixes.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : kernel / kernel-headers / kernel-tools (2018-1621b2204a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18710"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-1621B2204A.NASL", "href": "https://www.tenable.com/plugins/nessus/120249", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-1621b2204a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120249);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-18710\");\n script_xref(name:\"FEDORA\", value:\"2018-1621b2204a\");\n\n script_name(english:\"Fedora 28 : kernel / kernel-headers / kernel-tools (2018-1621b2204a)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is a rebase to the v4.19.x kernel and includes new features and\nbug fixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-1621b2204a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-18710\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-1621b2204a\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"kernel-4.19.2-200.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"kernel-headers-4.19.2-200.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"kernel-tools-4.19.2-200.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:30:24", "description": "This is an update to the v4.18.19 stable kernel and includes fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-11-27T00:00:00", "type": "nessus", "title": "Fedora 27 : kernel / kernel-headers / kernel-tools (2018-b68776e5b0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18710"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-B68776E5B0.NASL", "href": "https://www.tenable.com/plugins/nessus/119158", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-b68776e5b0.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119158);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-18710\");\n script_xref(name:\"FEDORA\", value:\"2018-b68776e5b0\");\n\n script_name(english:\"Fedora 27 : kernel / kernel-headers / kernel-tools (2018-b68776e5b0)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is an update to the v4.18.19 stable kernel and includes fixes\nacross the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-b68776e5b0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-18710\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-b68776e5b0\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"kernel-4.18.19-100.fc27\")) flag++;\nif (rpm_check(release:\"FC27\", reference:\"kernel-headers-4.18.19-100.fc27\")) flag++;\nif (rpm_check(release:\"FC27\", reference:\"kernel-tools-4.18.19-100.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:29:23", "description": "This is a rebase to the v4.19.x kernel and includes new features and bug fixes.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 29 : kernel / kernel-headers / kernel-tools (2018-f55c305488)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-18710"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2018-F55C305488.NASL", "href": "https://www.tenable.com/plugins/nessus/120913", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-f55c305488.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120913);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-18710\");\n script_xref(name:\"FEDORA\", value:\"2018-f55c305488\");\n\n script_name(english:\"Fedora 29 : kernel / kernel-headers / kernel-tools (2018-f55c305488)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is a rebase to the v4.19.x kernel and includes new features and\nbug fixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-f55c305488\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-18710\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-f55c305488\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"kernel-4.19.2-300.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-headers-4.19.2-300.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-tools-4.19.2-300.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:27:28", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - It was found that paravirt_patch_call/jump() functions in the arch/x86/kernel/paravirt.c in the Linux kernel mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtualized guests.i1/4^CVE-2018-15594i1/4%0\n\n - An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking.i1/4^CVE-2018-18710i1/4%0\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-04-09T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.3 : kernel (EulerOS-SA-2019-1178)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15594", "CVE-2018-18710"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "cpe:/o:huawei:euleros:uvp:2.5.3"], "id": "EULEROS_SA-2019-1178.NASL", "href": "https://www.tenable.com/plugins/nessus/123864", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123864);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-15594\",\n \"CVE-2018-18710\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.3 : kernel (EulerOS-SA-2019-1178)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - It was found that paravirt_patch_call/jump() functions\n in the arch/x86/kernel/paravirt.c in the Linux kernel\n mishandles certain indirect calls, which makes it\n easier for attackers to conduct Spectre-v2 attacks\n against paravirtualized guests.i1/4^CVE-2018-15594i1/4%0\n\n - An issue was discovered in the Linux kernel through\n 4.19. An information leak in cdrom_ioctl_select_disc in\n drivers/cdrom/cdrom.c could be used by local attackers\n to read kernel memory because a cast from unsigned long\n to int interferes with bounds\n checking.i1/4^CVE-2018-18710i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1178\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?24eb3577\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.3\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.3\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.3\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-3.10.0-514.44.5.10_109\",\n \"kernel-devel-3.10.0-514.44.5.10_109\",\n \"kernel-headers-3.10.0-514.44.5.10_109\",\n \"kernel-tools-3.10.0-514.44.5.10_109\",\n \"kernel-tools-libs-3.10.0-514.44.5.10_109\",\n \"kernel-tools-libs-devel-3.10.0-514.44.5.10_109\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:27:24", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - It was found that paravirt_patch_call/jump() functions in the arch/x86/kernel/paravirt.c in the Linux kernel mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtualized guests.i1/4^CVE-2018-15594i1/4%0\n\n - An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking.i1/4^CVE-2018-18710i1/4%0\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-04-09T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.4 : kernel (EulerOS-SA-2019-1181)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-15594", "CVE-2018-18710"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "cpe:/o:huawei:euleros:uvp:2.5.4"], "id": "EULEROS_SA-2019-1181.NASL", "href": "https://www.tenable.com/plugins/nessus/123867", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123867);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-15594\",\n \"CVE-2018-18710\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.4 : kernel (EulerOS-SA-2019-1181)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - It was found that paravirt_patch_call/jump() functions\n in the arch/x86/kernel/paravirt.c in the Linux kernel\n mishandles certain indirect calls, which makes it\n easier for attackers to conduct Spectre-v2 attacks\n against paravirtualized guests.i1/4^CVE-2018-15594i1/4%0\n\n - An issue was discovered in the Linux kernel through\n 4.19. An information leak in cdrom_ioctl_select_disc in\n drivers/cdrom/cdrom.c could be used by local attackers\n to read kernel memory because a cast from unsigned long\n to int interferes with bounds\n checking.i1/4^CVE-2018-18710i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1181\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ed0f0102\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.4\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.4\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.4\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-3.10.0-862.14.1.1_34\",\n \"kernel-devel-3.10.0-862.14.1.1_34\",\n \"kernel-headers-3.10.0-862.14.1.1_34\",\n \"kernel-tools-3.10.0-862.14.1.1_34\",\n \"kernel-tools-libs-3.10.0-862.14.1.1_34\",\n \"kernel-tools-libs-devel-3.10.0-862.14.1.1_34\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-16T00:47:45", "description": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.(CVE-2018-16862)\n\nAn issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking.(CVE-2018-18710)\n\nA NULL pointer dereference security flaw was found in the Linux kernel in the vcpu_scan_ioapic() function in arch/x86/kvm/x86.c. This allows local users with certain privileges to cause a denial of service via a crafted system call to the KVM subsystem.(CVE-2018-19407)", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-12-20T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALAS-2018-1133)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16862", "CVE-2018-18710", "CVE-2018-19407"], "modified": "2020-03-27T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2018-1133.NASL", "href": "https://www.tenable.com/plugins/nessus/119787", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2018-1133.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119787);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/27\");\n\n script_cve_id(\"CVE-2018-16862\", \"CVE-2018-18710\", \"CVE-2018-19407\");\n script_xref(name:\"ALAS\", value:\"2018-1133\");\n\n script_name(english:\"Amazon Linux 2 : kernel (ALAS-2018-1133)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security flaw was found in the Linux kernel in a way that the\ncleancache subsystem clears an inode after the final file truncation\n(removal). The new file created with the same inode may contain\nleftover pages from cleancache and the old file data instead of the\nnew one.(CVE-2018-16862)\n\nAn issue was discovered in the Linux kernel through 4.19. An\ninformation leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c\ncould be used by local attackers to read kernel memory because a cast\nfrom unsigned long to int interferes with bounds\nchecking.(CVE-2018-18710)\n\nA NULL pointer dereference security flaw was found in the Linux kernel\nin the vcpu_scan_ioapic() function in arch/x86/kvm/x86.c. This allows\nlocal users with certain privileges to cause a denial of service via a\ncrafted system call to the KVM subsystem.(CVE-2018-19407)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2018-1133.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update kernel' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-18710\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-4.14.88-88.73.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-4.14.88-88.73.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.14.88-88.73.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-devel-4.14.88-88.73.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"kernel-headers-4.14.88-88.73.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-4.14.88-88.73.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-4.14.88-88.73.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-devel-4.14.88-88.73.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"perf-4.14.88-88.73.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"perf-debuginfo-4.14.88-88.73.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"python-perf-4.14.88-88.73.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-4.14.88-88.73.amzn2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-x86_64 / etc\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-03-27T15:59:42", "description": "According to the version of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.(CVE-2018-18710)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-11-21T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.2 : kernel (EulerOS-SA-2018-1373)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10940", "CVE-2018-16658", "CVE-2018-18710"], "modified": "2021-04-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "cpe:/o:huawei:euleros:uvp:2.5.2"], "id": "EULEROS_SA-2018-1373.NASL", "href": "https://www.tenable.com/plugins/nessus/119064", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119064);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/08\");\n\n script_cve_id(\n \"CVE-2018-18710\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.2 : kernel (EulerOS-SA-2018-1373)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the kernel packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - An issue was discovered in the Linux kernel through\n 4.19. An information leak in cdrom_ioctl_select_disc in\n drivers/cdrom/cdrom.c could be used by local attackers\n to read kernel memory because a cast from unsigned long\n to int interferes with bounds checking. This is similar\n to CVE-2018-10940 and CVE-2018-16658.(CVE-2018-18710)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1373\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e4ffe70f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-3.10.0-514.44.5.10_104\",\n \"kernel-devel-3.10.0-514.44.5.10_104\",\n \"kernel-headers-3.10.0-514.44.5.10_104\",\n \"kernel-tools-3.10.0-514.44.5.10_104\",\n \"kernel-tools-libs-3.10.0-514.44.5.10_104\",\n \"kernel-tools-libs-devel-3.10.0-514.44.5.10_104\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-16T00:47:55", "description": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.(CVE-2018-16862)\n\nAn issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking.(CVE-2018-18710)\n\nA NULL pointer dereference security flaw was found in the Linux kernel in the vcpu_scan_ioapic() function in arch/x86/kvm/x86.c. This allows local users with certain privileges to cause a denial of service via a crafted system call to the KVM subsystem.(CVE-2018-19407)", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-12-21T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2018-1133)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16862", "CVE-2018-18710", "CVE-2018-19407"], "modified": "2020-03-27T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2018-1133.NASL", "href": "https://www.tenable.com/plugins/nessus/119813", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1133.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119813);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/27\");\n\n script_cve_id(\"CVE-2018-16862\", \"CVE-2018-18710\", \"CVE-2018-19407\");\n script_xref(name:\"ALAS\", value:\"2018-1133\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2018-1133)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security flaw was found in the Linux kernel in a way that the\ncleancache subsystem clears an inode after the final file truncation\n(removal). The new file created with the same inode may contain\nleftover pages from cleancache and the old file data instead of the\nnew one.(CVE-2018-16862)\n\nAn issue was discovered in the Linux kernel through 4.19. An\ninformation leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c\ncould be used by local attackers to read kernel memory because a cast\nfrom unsigned long to int interferes with bounds\nchecking.(CVE-2018-18710)\n\nA NULL pointer dereference security flaw was found in the Linux kernel\nin the vcpu_scan_ioapic() function in arch/x86/kvm/x86.c. This allows\nlocal users with certain privileges to cause a denial of service via a\ncrafted system call to the KVM subsystem.(CVE-2018-19407)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-1133.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update kernel' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-18710\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-4.14.88-72.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-4.14.88-72.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-4.14.88-72.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.14.88-72.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-4.14.88-72.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-4.14.88-72.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-4.14.88-72.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-debuginfo-4.14.88-72.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-devel-4.14.88-72.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-4.14.88-72.73.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-4.14.88-72.73.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-10-16T13:10:26", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - Revert commit 8bd274934987 ('block: fix bdi vs gendisk lifetime mismatch') (Ashish Samant) [Orabug: 28968102]\n\n - KVM/x86: Add IBPB support (Ashok Raj) [Orabug: 28703712]\n\n - x86/intel/spectre_v2: Remove unnecessary retp_compiler test (Boris Ostrovsky) [Orabug: 28814570]\n\n - x86/intel/spectre_v4: Deprecate spec_store_bypass_disable=userspace (Boris Ostrovsky) [Orabug: 28814570]\n\n - x86/speculation: x86_spec_ctrl_set needs to be called unconditionally (Boris Ostrovsky) [Orabug: 28814570]\n\n - x86/speculation: Drop unused DISABLE_IBRS_CLOBBER macro (Boris Ostrovsky) [Orabug: 28814570]\n\n - x86/intel/spectre_v4: Keep SPEC_CTRL_SSBD when IBRS is in use (Boris Ostrovsky) [Orabug: 28814570]\n\n - net: net_failover: fix typo in net_failover_slave_register (Liran Alon) [Orabug:\n 28122104]\n\n - virtio_net: Extend virtio to use VF datapath when available (Sridhar Samudrala) [Orabug: 28122104]\n\n - virtio_net: Introduce VIRTIO_NET_F_STANDBY feature bit (Sridhar Samudrala) [Orabug: 28122104]\n\n - net: Introduce net_failover driver (Sridhar Samudrala) [Orabug: 28122104]\n\n - net: Introduce generic failover module (Sridhar Samudrala) [Orabug: 28122104]\n\n - net: introduce lower state changed info structure for LAG lowers (Jiri Pirko) [Orabug: 28122104]\n\n - net: introduce change lower state notifier (Jiri Pirko) [Orabug: 28122104]\n\n - net: add info struct for LAG changeupper (Jiri Pirko) [Orabug: 28122104]\n\n - net: add possibility to pass information about upper device via notifier (Jiri Pirko) [Orabug: 28122104]\n\n - net: Check CHANGEUPPER notifier return value (Ido Schimmel) [Orabug: 28122104]\n\n - net: introduce change upper device notifier change info (Jiri Pirko) \n\n - x86/bugs: rework x86_spec_ctrl_set to make its changes explicit (Daniel Jordan) [Orabug: 28271063]\n\n - x86/bugs: rename ssbd_ibrs_selected to ssbd_userspace_selected (Daniel Jordan) [Orabug:\n 28271063]\n\n - x86/bugs: always use x86_spec_ctrl_base or _priv when setting spec ctrl MSR (Daniel Jordan) [Orabug: 28271063]\n\n - xen-blkfront: fix kernel panic with negotiate_mq error path (Manjunath Patil) [Orabug: 28798861]\n\n - scsi: lpfc: Correct MDS diag and nvmet configuration (James Smart) \n\n - scsi: virtio_scsi: let host do exception handling (Paolo Bonzini) \n\n - net/rds: Fix endless RNR situation (Venkat Venkatsubra) [Orabug: 28857027]\n\n - scsi: sg: allocate with __GFP_ZERO in sg_build_indirect (Alexander Potapenko) [Orabug: 28892656] (CVE-2018-1000204)\n\n - cdrom: fix improper type cast, which can leat to information leak. (Young_X) [Orabug: 28929767] (CVE-2018-16658) (CVE-2018-10940) (CVE-2018-18710)", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-11-30T00:00:00", "type": "nessus", "title": "OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0284)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000204", "CVE-2018-10940", "CVE-2018-16658", "CVE-2018-18710"], "modified": "2020-06-18T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:kernel-uek", "p-cpe:/a:oracle:vm:kernel-uek-firmware", "cpe:/o:oracle:vm_server:3.4"], "id": "ORACLEVM_OVMSA-2018-0284.NASL", "href": "https://www.tenable.com/plugins/nessus/119292", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2018-0284.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119292);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/18\");\n\n script_cve_id(\"CVE-2018-1000204\", \"CVE-2018-10940\", \"CVE-2018-16658\", \"CVE-2018-18710\");\n\n script_name(english:\"OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0284)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - Revert commit 8bd274934987 ('block: fix bdi vs gendisk\n lifetime mismatch') (Ashish Samant) [Orabug: 28968102]\n\n - KVM/x86: Add IBPB support (Ashok Raj) [Orabug: 28703712]\n\n - x86/intel/spectre_v2: Remove unnecessary retp_compiler\n test (Boris Ostrovsky) [Orabug: 28814570]\n\n - x86/intel/spectre_v4: Deprecate\n spec_store_bypass_disable=userspace (Boris Ostrovsky)\n [Orabug: 28814570]\n\n - x86/speculation: x86_spec_ctrl_set needs to be called\n unconditionally (Boris Ostrovsky) [Orabug: 28814570]\n\n - x86/speculation: Drop unused DISABLE_IBRS_CLOBBER macro\n (Boris Ostrovsky) [Orabug: 28814570]\n\n - x86/intel/spectre_v4: Keep SPEC_CTRL_SSBD when IBRS is\n in use (Boris Ostrovsky) [Orabug: 28814570]\n\n - net: net_failover: fix typo in\n net_failover_slave_register (Liran Alon) [Orabug:\n 28122104]\n\n - virtio_net: Extend virtio to use VF datapath when\n available (Sridhar Samudrala) [Orabug: 28122104]\n\n - virtio_net: Introduce VIRTIO_NET_F_STANDBY feature bit\n (Sridhar Samudrala) [Orabug: 28122104]\n\n - net: Introduce net_failover driver (Sridhar Samudrala)\n [Orabug: 28122104]\n\n - net: Introduce generic failover module (Sridhar\n Samudrala) [Orabug: 28122104]\n\n - net: introduce lower state changed info structure for\n LAG lowers (Jiri Pirko) [Orabug: 28122104]\n\n - net: introduce change lower state notifier (Jiri Pirko)\n [Orabug: 28122104]\n\n - net: add info struct for LAG changeupper (Jiri Pirko)\n [Orabug: 28122104]\n\n - net: add possibility to pass information about upper\n device via notifier (Jiri Pirko) [Orabug: 28122104]\n\n - net: Check CHANGEUPPER notifier return value (Ido\n Schimmel) [Orabug: 28122104]\n\n - net: introduce change upper device notifier change info\n (Jiri Pirko) \n\n - x86/bugs: rework x86_spec_ctrl_set to make its changes\n explicit (Daniel Jordan) [Orabug: 28271063]\n\n - x86/bugs: rename ssbd_ibrs_selected to\n ssbd_userspace_selected (Daniel Jordan) [Orabug:\n 28271063]\n\n - x86/bugs: always use x86_spec_ctrl_base or _priv when\n setting spec ctrl MSR (Daniel Jordan) [Orabug: 28271063]\n\n - xen-blkfront: fix kernel panic with negotiate_mq error\n path (Manjunath Patil) [Orabug: 28798861]\n\n - scsi: lpfc: Correct MDS diag and nvmet configuration\n (James Smart) \n\n - scsi: virtio_scsi: let host do exception handling (Paolo\n Bonzini) \n\n - net/rds: Fix endless RNR situation (Venkat Venkatsubra)\n [Orabug: 28857027]\n\n - scsi: sg: allocate with __GFP_ZERO in sg_build_indirect\n (Alexander Potapenko) [Orabug: 28892656]\n (CVE-2018-1000204)\n\n - cdrom: fix improper type cast, which can leat to\n information leak. (Young_X) [Orabug: 28929767]\n (CVE-2018-16658) (CVE-2018-10940) (CVE-2018-18710)\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2018-November/000918.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?99e26a29\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected kernel-uek / kernel-uek-firmware packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1000204\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.4\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.4\", reference:\"kernel-uek-4.1.12-124.22.4.el6uek\")) flag++;\nif (rpm_check(release:\"OVS3.4\", reference:\"kernel-uek-firmware-4.1.12-124.22.4.el6uek\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-uek / kernel-uek-firmware\");\n}\n", "cvss": {"score": 6.3, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:N"}}, {"lastseen": "2021-10-16T13:10:40", "description": "It was discovered that a double free existed in the AMD GPIO driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2017-18174)\n\nIt was discovered that an integer overrun vulnerability existed in the POSIX timers implementation in the Linux kernel. A local attacker could use this to cause a denial of service. (CVE-2018-12896)\n\nKanda Motohiro discovered that writing extended attributes to an XFS file system in the Linux kernel in certain situations could cause an error condition to occur. A local attacker could use this to cause a denial of service. (CVE-2018-18690)\n\nIt was discovered that an integer overflow vulnerability existed in the CDROM driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-18710).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-12-21T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3848-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18174", "CVE-2018-12896", "CVE-2018-18690", "CVE-2018-18710"], "modified": "2020-09-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3848-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119830", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3848-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119830);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2017-18174\", \"CVE-2018-12896\", \"CVE-2018-18690\", \"CVE-2018-18710\");\n script_xref(name:\"USN\", value:\"3848-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3848-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that a double free existed in the AMD GPIO driver in\nthe Linux kernel. A local attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code.\n(CVE-2017-18174)\n\nIt was discovered that an integer overrun vulnerability existed in the\nPOSIX timers implementation in the Linux kernel. A local attacker\ncould use this to cause a denial of service. (CVE-2018-12896)\n\nKanda Motohiro discovered that writing extended attributes to an XFS\nfile system in the Linux kernel in certain situations could cause an\nerror condition to occur. A local attacker could use this to cause a\ndenial of service. (CVE-2018-18690)\n\nIt was discovered that an integer overflow vulnerability existed in\nthe CDROM driver of the Linux kernel. A local attacker could use this\nto expose sensitive information (kernel memory). (CVE-2018-18710).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3848-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2020 Canonical, Inc. / NASL script (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-18174\", \"CVE-2018-12896\", \"CVE-2018-18690\", \"CVE-2018-18710\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3848-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1039-kvm\", pkgver:\"4.4.0-1039.45\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1074-aws\", pkgver:\"4.4.0-1074.84\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1102-raspi2\", pkgver:\"4.4.0-1102.110\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1106-snapdragon\", pkgver:\"4.4.0-1106.111\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-141-generic\", pkgver:\"4.4.0-141.167\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-141-generic-lpae\", pkgver:\"4.4.0-141.167\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-141-lowlatency\", pkgver:\"4.4.0-141.167\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws\", pkgver:\"4.4.0.1074.76\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic\", pkgver:\"4.4.0.141.147\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.4.0.141.147\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-kvm\", pkgver:\"4.4.0.1039.38\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.4.0.141.147\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.4.0.1102.102\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"4.4.0.1106.98\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-aws / linux-image-4.4-generic / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-09T12:55:30", "description": "The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4288 advisory.\n\n - ** DISPUTED ** Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/linux/commit/a45b599ad808c3c982fdcdc12b0b8611c2f92824 already. The problem has limited scope, as users don't usually have permissions to access SCSI devices. On the other hand, e.g. the Nero user manual suggests doing `chmod o+r+w /dev/sg*` to make the devices accessible. NOTE: third parties dispute the relevance of this report, noting that the requirement for an attacker to have both the CAP_SYS_ADMIN and CAP_SYS_RAWIO capabilities makes it virtually impossible to exploit.\n (CVE-2018-1000204)\n\n - An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658. (CVE-2018-18710)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2018-11-29T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4288)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10940", "CVE-2018-16658", "CVE-2018-18710", "CVE-2018-1000204"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2018-4288.NASL", "href": "https://www.tenable.com/plugins/nessus/119279", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2018-4288.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119279);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\n \"CVE-2018-10940\",\n \"CVE-2018-16658\",\n \"CVE-2018-18710\",\n \"CVE-2018-1000204\"\n );\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2018-4288)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe ELSA-2018-4288 advisory.\n\n - ** DISPUTED ** Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with\n dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel\n heap pages to the userspace. This has been fixed upstream in\n https://github.com/torvalds/linux/commit/a45b599ad808c3c982fdcdc12b0b8611c2f92824 already. The problem has\n limited scope, as users don't usually have permissions to access SCSI devices. On the other hand, e.g. the\n Nero user manual suggests doing `chmod o+r+w /dev/sg*` to make the devices accessible. NOTE: third parties\n dispute the relevance of this report, noting that the requirement for an attacker to have both the\n CAP_SYS_ADMIN and CAP_SYS_RAWIO capabilities makes it virtually impossible to exploit.\n (CVE-2018-1000204)\n\n - An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc\n in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from\n unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and\n CVE-2018-16658. (CVE-2018-18710)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2018-4288.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1000204\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6 / 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.1.12-124.22.4.el6uek', '4.1.12-124.22.4.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2018-4288');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.1';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-4.1.12-124.22.4.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-124.22.4.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-124.22.4.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-124.22.4.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-124.22.4.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-124.22.4.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'},\n {'reference':'kernel-uek-4.1.12-124.22.4.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-124.22.4.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-124.22.4.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-124.22.4.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-124.22.4.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-124.22.4.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 6.3, "vector": "AV:N/AC:M/Au:S/C:C/I:N/A:N"}}, {"lastseen": "2021-10-16T13:10:45", "description": "USN-3848-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.\n\nIt was discovered that a double free existed in the AMD GPIO driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2017-18174)\n\nIt was discovered that an integer overrun vulnerability existed in the POSIX timers implementation in the Linux kernel. A local attacker could use this to cause a denial of service. (CVE-2018-12896)\n\nKanda Motohiro discovered that writing extended attributes to an XFS file system in the Linux kernel in certain situations could cause an error condition to occur. A local attacker could use this to cause a denial of service. (CVE-2018-18690)\n\nIt was discovered that an integer overflow vulnerability existed in the CDROM driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-18710).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-12-21T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3848-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18174", "CVE-2018-12896", "CVE-2018-18690", "CVE-2018-18710"], "modified": "2020-09-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-xenial", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-xenial", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-xenial", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3848-2.NASL", "href": "https://www.tenable.com/plugins/nessus/119831", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3848-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119831);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2017-18174\", \"CVE-2018-12896\", \"CVE-2018-18690\", \"CVE-2018-18710\");\n script_xref(name:\"USN\", value:\"3848-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3848-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-3848-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu\n14.04 LTS.\n\nIt was discovered that a double free existed in the AMD GPIO driver in\nthe Linux kernel. A local attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code.\n(CVE-2017-18174)\n\nIt was discovered that an integer overrun vulnerability existed in the\nPOSIX timers implementation in the Linux kernel. A local attacker\ncould use this to cause a denial of service. (CVE-2018-12896)\n\nKanda Motohiro discovered that writing extended attributes to an XFS\nfile system in the Linux kernel in certain situations could cause an\nerror condition to occur. A local attacker could use this to cause a\ndenial of service. (CVE-2018-18690)\n\nIt was discovered that an integer overflow vulnerability existed in\nthe CDROM driver of the Linux kernel. A local attacker could use this\nto expose sensitive information (kernel memory). (CVE-2018-18710).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3848-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2020 Canonical, Inc. / NASL script (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-18174\", \"CVE-2018-12896\", \"CVE-2018-18690\", \"CVE-2018-18710\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3848-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-1037-aws\", pkgver:\"4.4.0-1037.40\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-141-generic\", pkgver:\"4.4.0-141.167~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-141-generic-lpae\", pkgver:\"4.4.0-141.167~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-141-lowlatency\", pkgver:\"4.4.0-141.167~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-aws\", pkgver:\"4.4.0.1037.37\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic-lpae-lts-xenial\", pkgver:\"4.4.0.141.121\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic-lts-xenial\", pkgver:\"4.4.0.141.121\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-lowlatency-lts-xenial\", pkgver:\"4.4.0.141.121\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-aws / linux-image-4.4-generic / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:30:27", "description": "The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).\n\n - CVE-2018-18445: Faulty computation of numeric bounds in the BPF verifier permitted out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372).\n\n - CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).\n\n - CVE-2017-18224: fs/ocfs2/aops.c omitted use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831).\n\n - CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).\n\nThe following non-security bugs were fixed :\n\n - acpi / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).\n\n - aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes).\n\n - alsa: hda: Add 2 more models to the power_save blacklist (bsc#1051510).\n\n - alsa: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bsc#1051510).\n\n - alsa: hda - Add quirk for ASUS G751 laptop (bsc#1051510).\n\n - alsa: hda - Fix headphone pin config for ASUS G751 (bsc#1051510).\n\n - alsa: hda: fix unused variable warning (bsc#1051510).\n\n - alsa: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bsc#1051510).\n\n - alsa: usb-audio: update quirk for B&W PX to remove microphone (bsc#1051510).\n\n - apparmor: Check buffer bounds when mapping permissions mask (git-fixes).\n\n - ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bsc#1051510).\n\n - ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).\n\n - ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).\n\n - ASoC: rsnd: do not fallback to PIO mode when\n -EPROBE_DEFER (bsc#1051510).\n\n - ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).\n\n - ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).\n\n - ASoC: wm8804: Add ACPI support (bsc#1051510).\n\n - ath10k: fix kernel panic issue during pci probe (bsc#1051510).\n\n - ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).\n\n - ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).\n\n - batman-adv: Avoid probe ELP information leak (bsc#1051510).\n\n - batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).\n\n - batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).\n\n - bdi: Fix another oops in wb_workfn() (bsc#1112746).\n\n - bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).\n\n - blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers (bsc#1111819).\n\n - blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).\n\n - block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).\n\n - block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).\n\n - block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834).\n\n - bpf/verifier: disallow pointer subtraction (bsc#1083647).\n\n - btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667).\n\n - btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667).\n\n - btrfs: fix file data corruption after cloning a range and fsync (bsc#1111901).\n\n - btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).\n\n - btrfs: fix mount failure after fsync due to hard link recreation (bsc#1103543).\n\n - btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).\n\n - btrfs: send, fix invalid access to commit roots due to concurrent snapshotting (bsc#1111904).\n\n - cdc-acm: fix race between reset and control messaging (bsc#1051510).\n\n - ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).\n\n - cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).\n\n - cifs: fix memory leak in SMB2_open() (bsc#1112894).\n\n - cifs: Fix use after free of a mid_q_entry (bsc#1112903).\n\n - clk: x86: add 'ether_clk' alias for Bay Trail / Cherry Trail (bsc#1051510).\n\n - clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).\n\n - clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).\n\n - clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).\n\n - coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).\n\n - crypto: caam - fix implicit casts in endianness helpers (bsc#1051510).\n\n - crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).\n\n - crypto: lrw - Fix out-of bounds access on counter overflow (bsc#1051510).\n\n - crypto: tcrypt - fix ghash-generic speed test (bsc#1051510).\n\n - dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).\n\n - debugobjects: Make stack check warning more informative (bsc#1051510).\n\n - documentation/l1tf: Fix small spelling typo (bsc#1051510).\n\n - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).\n\n - drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)\n\n - drm/amdgpu/powerplay: fix missing break in switch statements (bsc#1113722)\n\n - drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).\n\n - drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113722)\n\n - drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113722)\n\n - drm/i915/audio: Hook up component bindings even if displays are (bsc#1113722)\n\n - drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode (bsc#1051510).\n\n - drm/i915/gen9+: Fix initial readout for Y tiled framebuffers (bsc#1113722)\n\n - drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).\n\n - drm/i915: Restore vblank interrupts earlier (bsc#1051510).\n\n - drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).\n\n - drm/mediatek: fix OF sibling-node lookup (bsc#1106110)\n\n - drm/msm: fix OF child-node lookup (bsc#1106110)\n\n - drm/nouveau: Do not disable polling in fallback mode (bsc#1103356).\n\n - drm/sti: do not remove the drm_bridge that was never added (bsc#1100132)\n\n - drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)\n\n - drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1113722)\n\n - e1000: check on netif_running() before calling e1000_up() (bsc#1051510).\n\n - e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).\n\n - eeprom: at24: change nvmem stride to 1 (bsc#1051510).\n\n - eeprom: at24: check at24_read/write arguments (bsc#1051510).\n\n - eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).\n\n - enic: do not call enic_change_mtu in enic_probe (bsc#1051510).\n\n - enic: handle mtu change for vf properly (bsc#1051510).\n\n - enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).\n\n - ethtool: fix a privilege escalation bug (bsc#1076830).\n\n - ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).\n\n - ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).\n\n - ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).\n\n - ext4: check for NUL characters in extended attribute's name (bsc#1112732).\n\n - ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).\n\n - ext4: do not mark mmp buffer head dirty (bsc#1112743).\n\n - ext4: fix online resize's handling of a too-small final block group (bsc#1112739).\n\n - ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).\n\n - ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).\n\n - ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).\n\n - ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).\n\n - ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).\n\n - fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).\n\n - fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).\n\n - hfsplus: do not return 0 when fill_super() failed (bsc#1051510).\n\n - hfsplus: stop workqueue when fill_super() failed (bsc#1051510).\n\n - hfs: prevent crash on exit from failed search (bsc#1051510).\n\n - hid: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).\n\n - hid: quirks: fix support for Apple Magic Keyboards (bsc#1051510).\n\n - hid: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).\n\n - hv: avoid crash in vmbus sysfs files (bnc#1108377).\n\n - hv_netvsc: fix schedule in RCU context ().\n\n - hwrng: core - document the quality field (bsc#1051510).\n\n - hypfs_kill_super(): deal with failed allocations (bsc#1051510).\n\n - i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).\n\n - i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).\n\n - iio: adc: at91: fix acking DRDY irq on simple conversions (bsc#1051510).\n\n - iio: adc: at91: fix wrong channel number in triggered buffer mode (bsc#1051510).\n\n - iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bsc#1051510).\n\n - input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).\n\n - input: atakbd - fix Atari keymap (bsc#1051510).\n\n - intel_th: pci: Add Ice Lake PCH support (bsc#1051510).\n\n - iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).\n\n - iommu/vt-d: Add definitions for PFSID (bsc#1106237).\n\n - iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).\n\n - iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).\n\n - iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).\n\n - iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).\n\n - iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).\n\n - iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).\n\n - iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).\n\n - iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).\n\n - iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).\n\n - iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).\n\n - jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).\n\n - kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).\n\n - Kbuild: fix # escaping in .cmd files for future Make (git-fixes).\n\n - kernfs: update comment about kernfs_path() return value (bsc#1051510).\n\n - kprobes/x86: Fix %p uses in error messages (bsc#1110006).\n\n - ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM Functionality bsc#1111806).\n\n - kvm: Make VM ioctl do valloc for some archs (bsc#1111506).\n\n - kvm: SVM: Add MSR-based feature support for serializing LFENCE (bsc#1106240).\n\n - kvm: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).\n\n - kvm: VMX: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).\n\n - kvm: x86: Add a framework for supporting MSR-based features (bsc#1106240).\n\n - kvm: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).\n\n - kvm: X86: Introduce kvm_get_msr_feature() (bsc#1106240).\n\n - kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).\n\n - kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).\n\n - libertas: call into generic suspend code before turning off power (bsc#1051510).\n\n - libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).\n\n - lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).\n\n - loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).\n\n - loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).\n\n - loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).\n\n - mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).\n\n - mach64: detect the dot clock divider correctly on sparc (bsc#1051510).\n\n - media: af9035: prevent buffer overflow on write (bsc#1051510).\n\n - media: cx231xx: fix potential sign-extension overflow on large shift (bsc#1051510).\n\n - media: dvb: fix compat ioctl translation (bsc#1051510).\n\n - media: em28xx: fix input name for Terratec AV 350 (bsc#1051510).\n\n - media: em28xx: use a default format if TRY_FMT fails (bsc#1051510).\n\n - media: pci: cx23885: handle adding to list failure (bsc#1051510).\n\n - media: tvp5150: avoid going past array on v4l2_querymenu() (bsc#1051510).\n\n - media: tvp5150: fix switch exit in set control handler (bsc#1051510).\n\n - media: tvp5150: fix width alignment during set_selection() (bsc#1051510).\n\n - media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1051510).\n\n - media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bsc#1051510).\n\n - media: vsp1: Fix YCbCr planar formats pitch calculation (bsc#1051510).\n\n - mfd: arizona: Correct calling of runtime_put_sync (bsc#1051510).\n\n - mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).\n\n - mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal (bsc#1111841).\n\n - mm/migrate: Use spin_trylock() while resetting rate limit ().\n\n - mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).\n\n - move changes without Git-commit out of sorted section\n\n - nfc: nfcmrvl_uart: fix OF child-node lookup (bsc#1051510).\n\n - nfs: Avoid quadratic search when freeing delegations (bsc#1084760).\n\n - nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - of: add helper to lookup compatible child node (bsc#1106110)\n\n - orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).\n\n - orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).\n\n - orangefs_kill_sb(): deal with allocation failures (bsc#1051510).\n\n - orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).\n\n - ovl: fix format of setxattr debug (git-fixes).\n\n - ovl: Sync upper dirty data when syncing overlayfs (git-fixes).\n\n - pci/ASPM: Fix link_state teardown on device removal (bsc#1051510).\n\n - pci: hv: Do not wait forever on a device that has disappeared (bsc#1109806).\n\n - pci: Reprogram bridge prefetch registers on resume (bsc#1051510).\n\n - powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb (bsc#1091800).\n\n - powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).\n\n - powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).\n\n - powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).\n\n - powerpc/pseries: Fix 'OF: ERROR: Bad of_node_put() on /cpus' during DLPAR (bsc#1113295).\n\n - powerpc: pseries: remove dlpar_attach_node dependency on full path (bsc#1113295).\n\n - powerpc/rtas: Fix a potential race between CPU-Offline & Migration (bsc#1111870).\n\n - printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).\n\n - printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).\n\n - proc: restrict kernel stack dumps to root (git-fixes).\n blacklist.conf :\n\n - qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).\n\n - qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).\n\n - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).\n\n - random: rate limit unseeded randomness warnings (git-fixes).\n\n - rculist: add list_for_each_entry_from_rcu() (bsc#1084760).\n\n - rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).\n\n - reiserfs: add check to detect corrupted directory entry (bsc#1109818).\n\n - reiserfs: do not panic on bad directory entries (bsc#1109818).\n\n - scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).\n\n - scsi: ipr: Eliminate duplicate barriers ().\n\n - scsi: ipr: fix incorrect indentation of assignment statement ().\n\n - scsi: ipr: Use dma_pool_zalloc() ().\n\n - scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).\n\n - scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).\n\n - scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1111830).\n\n - scsi: target: prefer dbroot of /etc/target over /var/target (bsc#1111928).\n\n - serial: 8250: Fix clearing FIFOs in RS485 mode again (bsc#1051510).\n\n - series.conf: moved some Xen patches to the sorted region xen/blkfront: correct purging of persistent grants (bnc#1112514).\n\n - signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).\n\n - smb2: fix missing files in root share directory listing (bsc#1112907).\n\n - smb3: fill in statfs fsid and correct namelen (bsc#1112905).\n\n - smb3: fix reset of bytes read and written stats (bsc#1112906).\n\n - smb3: on reconnect set PreviousSessionId field (bsc#1112899).\n\n - sock_diag: fix use-after-free read in __sk_free (bsc#1051510).\n\n - soc/tegra: pmc: Fix child-node lookup (bsc#1051510).\n\n - sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).\n\n - sound: enable interrupt after dma buffer initialization (bsc#1051510).\n\n - spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510).\n\n - spi: bcm-qspi: switch back to reading flash using smaller chunks (bsc#1051510).\n\n - spi: sh-msiof: fix deferred probing (bsc#1051510).\n\n - squashfs: more metadata hardening (bsc#1051510).\n\n - staging: comedi: ni_mio_common: protect register write overflow (bsc#1051510).\n\n - stm: Potential read overflow in stm_char_policy_set_ioctl() (bsc#1051510).\n\n - switchtec: Fix Spectre v1 vulnerability (bsc#1051510).\n\n - sysfs: Do not return POSIX ACL xattrs via listxattr (git-fixes).\n\n - target: log Data-Out timeouts as errors (bsc#1095805).\n\n - target: log NOP ping timeouts as errors (bsc#1095805).\n\n - target: split out helper for cxn timeout error stashing (bsc#1095805).\n\n - target: stash sess_err_stats on Data-Out timeout (bsc#1095805).\n\n - target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).\n\n - team: Forbid enslaving team device to itself (bsc#1051510).\n\n - tools build: fix # escaping in .cmd files for future Make (git-fixes).\n\n - tools/vm/page-types.c: fix 'defined but not used' warning (bsc#1051510).\n\n - tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).\n\n - tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219).\n\n - tty: fix data race between tty_init_dev and flush of buf (bnc#1105428).\n\n - tty: Hold tty_ldisc_lock() during tty_reopen() (bnc#1105428).\n\n - tty/ldsem: Add lockdep asserts for ldisc_sem (bnc#1105428).\n\n - tty/ldsem: Convert to regular lockdep annotations (bnc#1105428).\n\n - tty/ldsem: Decrement wait_readers on timeouted down_read() (bnc#1105428).\n\n - tty/ldsem: Wake up readers after timed out down_write() (bnc#1105428).\n\n - tty: Simplify tty->count math in tty_reopen() (bnc#1105428).\n\n - usb: chipidea: Prevent unbalanced IRQ disable (bsc#1051510).\n\n - usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bsc#1051510).\n\n - usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure (bsc#1051510).\n\n - usb: gadget: fsl_udc_core: fixup struct_udc_setup documentation (bsc#1051510).\n\n - usbip: tools: fix atoi() on non-null terminated string (bsc#1051510).\n\n - usb: remove LPM management from usb_driver_claim_interface() (bsc#1051510).\n\n - usb: serial: cypress_m8: fix interrupt-out transfer length (bsc#1051510).\n\n - usb: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510).\n\n - usb: xhci-mtk: resume USB3 roothub first (bsc#1051510).\n\n - usb: yurex: Check for truncation in yurex_read() (bsc#1051510).\n\n - userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739).\n\n - Use upstream version of pci-hyperv patch (35a88a1)\n\n - vmbus: do not return values for uninitalized channels (bsc#1051510).\n\n - vti4: Do not count header length twice on tunnel setup (bsc#1051510).\n\n - vti6: fix PMTU caching and reporting on xmit (bsc#1051510).\n\n - vti6: remove !skb->ignore_df check from vti6_xmit() (bsc#1051510).\n\n - Workaround for mysterious NVMe breakage with i915 CFL (bsc#1111040).\n\n - x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006).\n\n - x86/boot/KASLR: Work around firmware bugs by excluding EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR's choice (bnc#1112878).\n\n - x86/boot: Move EISA setup to a separate file (bsc#1110006).\n\n - x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006).\n\n - x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006).\n\n - x86/eisa: Add missing include (bsc#1110006).\n\n - x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).\n\n - x86/fpu: Remove second definition of fpu in\n __fpu__restore_sig() (bsc#1110006).\n\n - x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).\n\n - x86/MCE: Fix stack out-of-bounds write in mce-inject.c:\n Flags_read() (bsc#1110006).\n\n - x86/paravirt: Fix some warning messages (bnc#1065600).\n\n - x86/percpu: Fix this_cpu_read() (bsc#1110006).\n\n - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bsc#1105536).\n\n - x86/time: Correct the attribute on jiffies' definition (bsc#1110006).\n\n - xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bnc#1065600).\n\n - xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bnc#1065600).\n\n - xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1065600).\n\n - xfrm: use complete IPv6 addresses for hash (bsc#1109330).\n\n - xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).\n\n - xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bsc#1051510).\n\n - xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510).", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-11-08T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2018-1342)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16533", "CVE-2017-18224", "CVE-2018-10940", "CVE-2018-16658", "CVE-2018-18386", "CVE-2018-18445", "CVE-2018-18710"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-kvmsmall", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-base", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2018-1342.NASL", "href": "https://www.tenable.com/plugins/nessus/118818", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1342.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118818);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-16533\", \"CVE-2017-18224\", \"CVE-2018-10940\", \"CVE-2018-16658\", \"CVE-2018-18386\", \"CVE-2018-18445\", \"CVE-2018-18710\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2018-1342)\");\n script_summary(english:\"Check for the openSUSE-2018-1342 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE Leap 15.0 kernel was updated to receive various security\nand bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2018-18710: An information leak in\n cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could\n be used by local attackers to read kernel memory because\n a cast from unsigned long to int interferes with bounds\n checking. This is similar to CVE-2018-10940 and\n CVE-2018-16658 (bnc#1113751).\n\n - CVE-2018-18445: Faulty computation of numeric bounds in\n the BPF verifier permitted out-of-bounds memory accesses\n because adjust_scalar_min_max_vals in\n kernel/bpf/verifier.c mishandled 32-bit right shifts\n (bnc#1112372).\n\n - CVE-2018-18386: drivers/tty/n_tty.c allowed local\n attackers (who are able to access pseudo terminals) to\n hang/block further usage of any pseudo terminal devices\n due to an EXTPROC versus ICANON confusion in TIOCINQ\n (bnc#1094825).\n\n - CVE-2017-18224: fs/ocfs2/aops.c omitted use of a\n semaphore and consequently has a race condition for\n access to the extent tree during read operations in\n DIRECT mode, which allowed local users to cause a denial\n of service (BUG) by modifying a certain e_cpos field\n (bnc#1084831).\n\n - CVE-2017-16533: The usbhid_parse function in\n drivers/hid/usbhid/hid-core.c allowed local users to\n cause a denial of service (out-of-bounds read and system\n crash) or possibly have unspecified other impact via a\n crafted USB device (bnc#1066674).\n\nThe following non-security bugs were fixed :\n\n - acpi / processor: Fix the return value of\n acpi_processor_ids_walk() (bsc#1051510).\n\n - aio: fix io_destroy(2) vs. lookup_ioctx() race\n (git-fixes).\n\n - alsa: hda: Add 2 more models to the power_save blacklist\n (bsc#1051510).\n\n - alsa: hda - Add mic quirk for the Lenovo G50-30\n (17aa:3905) (bsc#1051510).\n\n - alsa: hda - Add quirk for ASUS G751 laptop\n (bsc#1051510).\n\n - alsa: hda - Fix headphone pin config for ASUS G751\n (bsc#1051510).\n\n - alsa: hda: fix unused variable warning (bsc#1051510).\n\n - alsa: hda/realtek - Fix the problem of the front MIC on\n the Lenovo M715 (bsc#1051510).\n\n - alsa: usb-audio: update quirk for B&W PX to remove\n microphone (bsc#1051510).\n\n - apparmor: Check buffer bounds when mapping permissions\n mask (git-fixes).\n\n - ASoC: intel: skylake: Add missing break in\n skl_tplg_get_token() (bsc#1051510).\n\n - ASoC: Intel: Skylake: Reset the controller in probe\n (bsc#1051510).\n\n - ASoC: rsnd: adg: care clock-frequency size\n (bsc#1051510).\n\n - ASoC: rsnd: do not fallback to PIO mode when\n -EPROBE_DEFER (bsc#1051510).\n\n - ASoC: rt5514: Fix the issue of the delay volume applied\n again (bsc#1051510).\n\n - ASoC: sigmadsp: safeload should not have lower byte\n limit (bsc#1051510).\n\n - ASoC: wm8804: Add ACPI support (bsc#1051510).\n\n - ath10k: fix kernel panic issue during pci probe\n (bsc#1051510).\n\n - ath10k: fix scan crash due to incorrect length\n calculation (bsc#1051510).\n\n - ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait\n (bsc#1051510).\n\n - batman-adv: Avoid probe ELP information leak\n (bsc#1051510).\n\n - batman-adv: fix backbone_gw refcount on queue_work()\n failure (bsc#1051510).\n\n - batman-adv: fix hardif_neigh refcount on queue_work()\n failure (bsc#1051510).\n\n - bdi: Fix another oops in wb_workfn() (bsc#1112746).\n\n - bdi: Preserve kabi when adding cgwb_release_mutex\n (bsc#1112746).\n\n - blkdev_report_zones_ioctl(): Use vmalloc() to allocate\n large buffers (bsc#1111819).\n\n - blk-mq: I/O and timer unplugs are inverted in blktrace\n (bsc#1112713).\n\n - block, bfq: fix wrong init of saved start time for\n weight raising (bsc#1112708).\n\n - block: bfq: swap puts in bfqg_and_blkg_put\n (bsc#1112712).\n\n - block: bvec_nr_vecs() returns value for wrong slab\n (bsc#1111834).\n\n - bpf/verifier: disallow pointer subtraction\n (bsc#1083647).\n\n - btrfs: Enhance btrfs_trim_fs function to handle error\n better (Dependency for bsc#1113667).\n\n - btrfs: Ensure btrfs_trim_fs can trim the whole\n filesystem (bsc#1113667).\n\n - btrfs: fix file data corruption after cloning a range\n and fsync (bsc#1111901).\n\n - btrfs: fix missing error return in btrfs_drop_snapshot\n (Git-fixes bsc#1109919).\n\n - btrfs: fix mount failure after fsync due to hard link\n recreation (bsc#1103543).\n\n - btrfs: handle errors while updating refcounts in\n update_ref_for_cow (Git-fixes bsc#1109915).\n\n - btrfs: send, fix invalid access to commit roots due to\n concurrent snapshotting (bsc#1111904).\n\n - cdc-acm: fix race between reset and control messaging\n (bsc#1051510).\n\n - ceph: avoid a use-after-free in ceph_destroy_options()\n (bsc#1111983).\n\n - cifs: check for STATUS_USER_SESSION_DELETED\n (bsc#1112902).\n\n - cifs: fix memory leak in SMB2_open() (bsc#1112894).\n\n - cifs: Fix use after free of a mid_q_entry (bsc#1112903).\n\n - clk: x86: add 'ether_clk' alias for Bay Trail / Cherry\n Trail (bsc#1051510).\n\n - clk: x86: Stop marking clocks as CLK_IS_CRITICAL\n (bsc#1051510).\n\n - clocksource/drivers/ti-32k: Add\n CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs\n (bsc#1051510).\n\n - clocksource/drivers/timer-atmel-pit: Properly handle\n error cases (bsc#1051510).\n\n - coda: fix 'kernel memory exposure attempt' in fsync\n (bsc#1051510).\n\n - crypto: caam - fix implicit casts in endianness helpers\n (bsc#1051510).\n\n - crypto: chelsio - Fix memory corruption in DMA Mapped\n buffers (bsc#1051510).\n\n - crypto: lrw - Fix out-of bounds access on counter\n overflow (bsc#1051510).\n\n - crypto: tcrypt - fix ghash-generic speed test\n (bsc#1051510).\n\n - dax: Fix deadlock in dax_lock_mapping_entry()\n (bsc#1109951).\n\n - debugobjects: Make stack check warning more informative\n (bsc#1051510).\n\n - documentation/l1tf: Fix small spelling typo\n (bsc#1051510).\n\n - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7\n (bsc#1051510).\n\n - drm/amdgpu: Fix vce work queue was not cancelled when\n suspend (bsc#1106110)\n\n - drm/amdgpu/powerplay: fix missing break in switch\n statements (bsc#1113722)\n\n - drm/edid: VSDB yCBCr420 Deep Color mode bit definitions\n (bsc#1051510).\n\n - drm/hisilicon: hibmc: Do not carry error code in HiBMC\n framebuffer (bsc#1113722)\n\n - drm/hisilicon: hibmc: Do not overwrite fb helper surface\n depth (bsc#1113722)\n\n - drm/i915/audio: Hook up component bindings even if\n displays are (bsc#1113722)\n\n - drm/i915/dp: Link train Fallback on eDP only if fallback\n link BW can fit panel's native mode (bsc#1051510).\n\n - drm/i915/gen9+: Fix initial readout for Y tiled\n framebuffers (bsc#1113722)\n\n - drm/i915/glk: Add Quirk for GLK NUC HDMI port issues\n (bsc#1051510).\n\n - drm/i915: Restore vblank interrupts earlier\n (bsc#1051510).\n\n - drm: mali-dp: Call drm_crtc_vblank_reset on device init\n (bsc#1051510).\n\n - drm/mediatek: fix OF sibling-node lookup (bsc#1106110)\n\n - drm/msm: fix OF child-node lookup (bsc#1106110)\n\n - drm/nouveau: Do not disable polling in fallback mode\n (bsc#1103356).\n\n - drm/sti: do not remove the drm_bridge that was never\n added (bsc#1100132)\n\n - drm/sun4i: Fix an ulong overflow in the dotclock driver\n (bsc#1106110)\n\n - drm/virtio: fix bounds check in\n virtio_gpu_cmd_get_capset() (bsc#1113722)\n\n - e1000: check on netif_running() before calling\n e1000_up() (bsc#1051510).\n\n - e1000: ensure to free old tx/rx rings in set_ringparam()\n (bsc#1051510).\n\n - eeprom: at24: change nvmem stride to 1 (bsc#1051510).\n\n - eeprom: at24: check at24_read/write arguments\n (bsc#1051510).\n\n - eeprom: at24: correctly set the size for at24mac402\n (bsc#1051510).\n\n - enic: do not call enic_change_mtu in enic_probe\n (bsc#1051510).\n\n - enic: handle mtu change for vf properly (bsc#1051510).\n\n - enic: initialize enic->rfs_h.lock in enic_probe\n (bsc#1051510).\n\n - ethtool: fix a privilege escalation bug (bsc#1076830).\n\n - ext2, dax: set ext2_dax_aops for dax files\n (bsc#1112554).\n\n - ext4: avoid arithemetic overflow that can trigger a BUG\n (bsc#1112736).\n\n - ext4: avoid divide by zero fault when deleting corrupted\n inline directories (bsc#1112735).\n\n - ext4: check for NUL characters in extended attribute's\n name (bsc#1112732).\n\n - ext4: check to make sure the rename(2)'s destination is\n not freed (bsc#1112734).\n\n - ext4: do not mark mmp buffer head dirty (bsc#1112743).\n\n - ext4: fix online resize's handling of a too-small final\n block group (bsc#1112739).\n\n - ext4: fix online resizing for bigalloc file systems with\n a 1k block size (bsc#1112740).\n\n - ext4: fix spectre gadget in ext4_mb_regular_allocator()\n (bsc#1112733).\n\n - ext4: recalucate superblock checksum after updating free\n blocks/inodes (bsc#1112738).\n\n - ext4: reset error code in ext4_find_entry in fallback\n (bsc#1112731).\n\n - ext4: show test_dummy_encryption mount option in\n /proc/mounts (bsc#1112741).\n\n - fbdev/omapfb: fix omapfb_memory_read infoleak\n (bsc#1051510).\n\n - fs/quota: Fix spectre gadget in do_quotactl\n (bsc#1112745).\n\n - hfsplus: do not return 0 when fill_super() failed\n (bsc#1051510).\n\n - hfsplus: stop workqueue when fill_super() failed\n (bsc#1051510).\n\n - hfs: prevent crash on exit from failed search\n (bsc#1051510).\n\n - hid: hid-sensor-hub: Force logical minimum to 1 for\n power and report state (bsc#1051510).\n\n - hid: quirks: fix support for Apple Magic Keyboards\n (bsc#1051510).\n\n - hid: sensor-hub: Restore fixup for Lenovo ThinkPad Helix\n 2 sensor hub report (bsc#1051510).\n\n - hv: avoid crash in vmbus sysfs files (bnc#1108377).\n\n - hv_netvsc: fix schedule in RCU context ().\n\n - hwrng: core - document the quality field (bsc#1051510).\n\n - hypfs_kill_super(): deal with failed allocations\n (bsc#1051510).\n\n - i2c: i2c-scmi: fix for i2c_smbus_write_block_data\n (bsc#1051510).\n\n - i2c: rcar: cleanup DMA for all kinds of failure\n (bsc#1051510).\n\n - iio: adc: at91: fix acking DRDY irq on simple\n conversions (bsc#1051510).\n\n - iio: adc: at91: fix wrong channel number in triggered\n buffer mode (bsc#1051510).\n\n - iio: adc: imx25-gcq: Fix leak of device_node in\n mx25_gcq_setup_cfgs() (bsc#1051510).\n\n - input: atakbd - fix Atari CapsLock behaviour\n (bsc#1051510).\n\n - input: atakbd - fix Atari keymap (bsc#1051510).\n\n - intel_th: pci: Add Ice Lake PCH support (bsc#1051510).\n\n - iommu/arm-smmu: Error out only if not enough context\n interrupts (bsc#1106237).\n\n - iommu/vt-d: Add definitions for PFSID (bsc#1106237).\n\n - iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).\n\n - iommu/vt-d: Fix scatterlist offset handling\n (bsc#1106237).\n\n - iwlwifi: dbg: do not crash if the firmware crashes in\n the middle of a debug dump (bsc#1051510).\n\n - iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).\n\n - iwlwifi: mvm: check for n_profiles validity in EWRD ACPI\n (bsc#1051510).\n\n - iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping\n the interface (bsc#1051510).\n\n - iwlwifi: mvm: open BA session only when sta is\n authorized (bsc#1051510).\n\n - iwlwifi: mvm: send BCAST management frames to the right\n station (bsc#1051510).\n\n - iwlwifi: pcie: gen2: build A-MSDU only for GSO\n (bsc#1051510).\n\n - iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return\n value (bsc#1051510).\n\n - jbd2: fix use after free in jbd2_log_do_checkpoint()\n (bsc#1113257).\n\n - kABI: Hide get_msr_feature() in kvm_x86_ops\n (bsc#1106240).\n\n - Kbuild: fix # escaping in .cmd files for future Make\n (git-fixes).\n\n - kernfs: update comment about kernfs_path() return value\n (bsc#1051510).\n\n - kprobes/x86: Fix %p uses in error messages\n (bsc#1110006).\n\n - ksm: fix unlocked iteration over vmas in\n cmp_and_merge_page() (VM Functionality bsc#1111806).\n\n - kvm: Make VM ioctl do valloc for some archs\n (bsc#1111506).\n\n - kvm: SVM: Add MSR-based feature support for serializing\n LFENCE (bsc#1106240).\n\n - kvm: VMX: support MSR_IA32_ARCH_CAPABILITIES as a\n feature MSR (bsc#1106240).\n\n - kvm: VMX: Tell the nested hypervisor to skip L1D flush\n on vmentry (bsc#1106240).\n\n - kvm: x86: Add a framework for supporting MSR-based\n features (bsc#1106240).\n\n - kvm: x86: define SVM/VMX specific\n kvm_arch_[alloc|free]_vm (bsc#1111506).\n\n - kvm: X86: Introduce kvm_get_msr_feature() (bsc#1106240).\n\n - kvm/x86: kABI fix for vm_alloc/vm_free changes\n (bsc#1111506).\n\n - kvm: x86: Set highest physical address bits in\n non-present/reserved SPTEs (bsc#1106240).\n\n - libertas: call into generic suspend code before turning\n off power (bsc#1051510).\n\n - libnvdimm, dimm: Maximize label transfer size\n (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - libnvdimm, label: change nvdimm_num_label_slots per UEFI\n 2.7 (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - libnvdimm, label: Fix sparse warning (bsc#1111921,\n bsc#1113408, bsc#1113972).\n\n - lib/ubsan: add type mismatch handler for new GCC/Clang\n (bsc#1051510).\n\n - lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).\n\n - loop: add recursion validation to LOOP_CHANGE_FD\n (bsc#1112711).\n\n - loop: do not call into filesystem while holding\n lo_ctl_mutex (bsc#1112710).\n\n - loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).\n\n - mac80211: minstrel: fix using short preamble CCK rates\n on HT clients (bsc#1051510).\n\n - mach64: detect the dot clock divider correctly on sparc\n (bsc#1051510).\n\n - media: af9035: prevent buffer overflow on write\n (bsc#1051510).\n\n - media: cx231xx: fix potential sign-extension overflow on\n large shift (bsc#1051510).\n\n - media: dvb: fix compat ioctl translation (bsc#1051510).\n\n - media: em28xx: fix input name for Terratec AV 350\n (bsc#1051510).\n\n - media: em28xx: use a default format if TRY_FMT fails\n (bsc#1051510).\n\n - media: pci: cx23885: handle adding to list failure\n (bsc#1051510).\n\n - media: tvp5150: avoid going past array on\n v4l2_querymenu() (bsc#1051510).\n\n - media: tvp5150: fix switch exit in set control handler\n (bsc#1051510).\n\n - media: tvp5150: fix width alignment during\n set_selection() (bsc#1051510).\n\n - media: uvcvideo: Fix uvc_alloc_entity() allocation\n alignment (bsc#1051510).\n\n - media: v4l2-tpg: fix kernel oops when enabling HFLIP and\n OSD (bsc#1051510).\n\n - media: vsp1: Fix YCbCr planar formats pitch calculation\n (bsc#1051510).\n\n - mfd: arizona: Correct calling of runtime_put_sync\n (bsc#1051510).\n\n - mmc: block: avoid multiblock reads for the last sector\n in SPI mode (bsc#1051510).\n\n - mm: fix BUG_ON() in vmf_insert_pfn_pud() from\n VM_MIXEDMAP removal (bsc#1111841).\n\n - mm/migrate: Use spin_trylock() while resetting rate\n limit ().\n\n - mm: /proc/pid/pagemap: hide swap entries from\n unprivileged users (Git-fixes bsc#1109907).\n\n - move changes without Git-commit out of sorted section\n\n - nfc: nfcmrvl_uart: fix OF child-node lookup\n (bsc#1051510).\n\n - nfs: Avoid quadratic search when freeing delegations\n (bsc#1084760).\n\n - nvdimm: Clarify comment in sizeof_namespace_index\n (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - nvdimm: Remove empty if statement (bsc#1111921,\n bsc#1113408, bsc#1113972).\n\n - nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408,\n bsc#1113972).\n\n - nvdimm: Split label init out from the logic for getting\n config data (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - nvdimm: Use namespace index data to reduce number of\n label reads needed (bsc#1111921, bsc#1113408,\n bsc#1113972).\n\n - of: add helper to lookup compatible child node\n (bsc#1106110)\n\n - orangefs: fix deadlock; do not write i_size in read_iter\n (bsc#1051510).\n\n - orangefs: initialize op on loop restart in\n orangefs_devreq_read (bsc#1051510).\n\n - orangefs_kill_sb(): deal with allocation failures\n (bsc#1051510).\n\n - orangefs: use list_for_each_entry_safe in\n purge_waiting_ops (bsc#1051510).\n\n - ovl: fix format of setxattr debug (git-fixes).\n\n - ovl: Sync upper dirty data when syncing overlayfs\n (git-fixes).\n\n - pci/ASPM: Fix link_state teardown on device removal\n (bsc#1051510).\n\n - pci: hv: Do not wait forever on a device that has\n disappeared (bsc#1109806).\n\n - pci: Reprogram bridge prefetch registers on resume\n (bsc#1051510).\n\n - powerpc/mm/hugetlb: initialize the pagetable cache\n correctly for hugetlb (bsc#1091800).\n\n - powerpc/powernv/ioda2: Reduce upper limit for DMA window\n size (bsc#1055120).\n\n - powerpc/pseries: Fix build break for SPLPAR=n and CPU\n hotplug (bsc#1079524, git-fixes).\n\n - powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906,\n git-fixes).\n\n - powerpc/pseries: Fix 'OF: ERROR: Bad of_node_put() on\n /cpus' during DLPAR (bsc#1113295).\n\n - powerpc: pseries: remove dlpar_attach_node dependency on\n full path (bsc#1113295).\n\n - powerpc/rtas: Fix a potential race between CPU-Offline &\n Migration (bsc#1111870).\n\n - printk: drop in_nmi check from\n printk_safe_flush_on_panic() (bsc#1112170).\n\n - printk/tracing: Do not trace printk_nmi_enter()\n (bsc#1112208).\n\n - proc: restrict kernel stack dumps to root (git-fixes).\n blacklist.conf :\n\n - qmi_wwan: Added support for Gemalto's Cinterion ALASxx\n WWAN interface (bsc#1051510).\n\n - qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).\n\n - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing\n RTL_FLAG_TASK_ENABLED (bsc#1051510).\n\n - random: rate limit unseeded randomness warnings\n (git-fixes).\n\n - rculist: add list_for_each_entry_from_rcu()\n (bsc#1084760).\n\n - rculist: Improve documentation for\n list_for_each_entry_from_rcu() (bsc#1084760).\n\n - reiserfs: add check to detect corrupted directory entry\n (bsc#1109818).\n\n - reiserfs: do not panic on bad directory entries\n (bsc#1109818).\n\n - scsi: core: Allow state transitions from OFFLINE to\n BLOCKED (bsc#1112246).\n\n - scsi: ipr: Eliminate duplicate barriers ().\n\n - scsi: ipr: fix incorrect indentation of assignment\n statement ().\n\n - scsi: ipr: Use dma_pool_zalloc() ().\n\n - scsi: libfc: check fc_frame_payload_get() return value\n for null (bsc#1104731).\n\n - scsi: libfc: retry PRLI if we cannot analyse the payload\n (bsc#1104731).\n\n - scsi: qla2xxx: Fix memory leak for allocating abort IOCB\n (bsc#1111830).\n\n - scsi: target: prefer dbroot of /etc/target over\n /var/target (bsc#1111928).\n\n - serial: 8250: Fix clearing FIFOs in RS485 mode again\n (bsc#1051510).\n\n - series.conf: moved some Xen patches to the sorted region\n xen/blkfront: correct purging of persistent grants\n (bnc#1112514).\n\n - signal: Properly deliver SIGSEGV from x86 uprobes\n (bsc#1110006).\n\n - smb2: fix missing files in root share directory listing\n (bsc#1112907).\n\n - smb3: fill in statfs fsid and correct namelen\n (bsc#1112905).\n\n - smb3: fix reset of bytes read and written stats\n (bsc#1112906).\n\n - smb3: on reconnect set PreviousSessionId field\n (bsc#1112899).\n\n - sock_diag: fix use-after-free read in __sk_free\n (bsc#1051510).\n\n - soc/tegra: pmc: Fix child-node lookup (bsc#1051510).\n\n - sound: do not call skl_init_chip() to reset intel skl\n soc (bsc#1051510).\n\n - sound: enable interrupt after dma buffer initialization\n (bsc#1051510).\n\n - spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510).\n\n - spi: bcm-qspi: switch back to reading flash using\n smaller chunks (bsc#1051510).\n\n - spi: sh-msiof: fix deferred probing (bsc#1051510).\n\n - squashfs: more metadata hardening (bsc#1051510).\n\n - staging: comedi: ni_mio_common: protect register write\n overflow (bsc#1051510).\n\n - stm: Potential read overflow in\n stm_char_policy_set_ioctl() (bsc#1051510).\n\n - switchtec: Fix Spectre v1 vulnerability (bsc#1051510).\n\n - sysfs: Do not return POSIX ACL xattrs via listxattr\n (git-fixes).\n\n - target: log Data-Out timeouts as errors (bsc#1095805).\n\n - target: log NOP ping timeouts as errors (bsc#1095805).\n\n - target: split out helper for cxn timeout error stashing\n (bsc#1095805).\n\n - target: stash sess_err_stats on Data-Out timeout\n (bsc#1095805).\n\n - target: use ISCSI_IQN_LEN in iscsi_target_stat\n (bsc#1095805).\n\n - team: Forbid enslaving team device to itself\n (bsc#1051510).\n\n - tools build: fix # escaping in .cmd files for future\n Make (git-fixes).\n\n - tools/vm/page-types.c: fix 'defined but not used'\n warning (bsc#1051510).\n\n - tools/vm/slabinfo.c: fix sign-compare warning\n (bsc#1051510).\n\n - tracing: Add barrier to trace_printk() buffer nesting\n modification (bsc#1112219).\n\n - tty: fix data race between tty_init_dev and flush of buf\n (bnc#1105428).\n\n - tty: Hold tty_ldisc_lock() during tty_reopen()\n (bnc#1105428).\n\n - tty/ldsem: Add lockdep asserts for ldisc_sem\n (bnc#1105428).\n\n - tty/ldsem: Convert to regular lockdep annotations\n (bnc#1105428).\n\n - tty/ldsem: Decrement wait_readers on timeouted\n down_read() (bnc#1105428).\n\n - tty/ldsem: Wake up readers after timed out down_write()\n (bnc#1105428).\n\n - tty: Simplify tty->count math in tty_reopen()\n (bnc#1105428).\n\n - usb: chipidea: Prevent unbalanced IRQ disable\n (bsc#1051510).\n\n - usb: gadget: fotg210-udc: Fix memory leak of\n fotg210->ep[i] (bsc#1051510).\n\n - usb: gadget: fsl_udc_core: check allocation return value\n and cleanup on failure (bsc#1051510).\n\n - usb: gadget: fsl_udc_core: fixup struct_udc_setup\n documentation (bsc#1051510).\n\n - usbip: tools: fix atoi() on non-null terminated string\n (bsc#1051510).\n\n - usb: remove LPM management from\n usb_driver_claim_interface() (bsc#1051510).\n\n - usb: serial: cypress_m8: fix interrupt-out transfer\n length (bsc#1051510).\n\n - usb: serial: simple: add Motorola Tetra MTP6550 id\n (bsc#1051510).\n\n - usb: xhci-mtk: resume USB3 roothub first (bsc#1051510).\n\n - usb: yurex: Check for truncation in yurex_read()\n (bsc#1051510).\n\n - userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait()\n pte access (bsc#1109739).\n\n - Use upstream version of pci-hyperv patch (35a88a1)\n\n - vmbus: do not return values for uninitalized channels\n (bsc#1051510).\n\n - vti4: Do not count header length twice on tunnel setup\n (bsc#1051510).\n\n - vti6: fix PMTU caching and reporting on xmit\n (bsc#1051510).\n\n - vti6: remove !skb->ignore_df check from vti6_xmit()\n (bsc#1051510).\n\n - Workaround for mysterious NVMe breakage with i915 CFL\n (bsc#1111040).\n\n - x86/acpi: Prevent X2APIC id 0xffffffff from being\n accounted (bsc#1110006).\n\n - x86/boot/KASLR: Work around firmware bugs by excluding\n EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR's choice\n (bnc#1112878).\n\n - x86/boot: Move EISA setup to a separate file\n (bsc#1110006).\n\n - x86/cpufeature: Add User-Mode Instruction Prevention\n definitions (bsc#1110006).\n\n - x86/cpufeatures: Add Intel Total Memory Encryption\n cpufeature (bsc#1110006).\n\n - x86/eisa: Add missing include (bsc#1110006).\n\n - x86/EISA: Do not probe EISA bus for Xen PV guests\n (bsc#1110006).\n\n - x86/fpu: Remove second definition of fpu in\n __fpu__restore_sig() (bsc#1110006).\n\n - x86/kasan: Panic if there is not enough memory to boot\n (bsc#1110006).\n\n - x86/MCE: Fix stack out-of-bounds write in mce-inject.c:\n Flags_read() (bsc#1110006).\n\n - x86/paravirt: Fix some warning messages (bnc#1065600).\n\n - x86/percpu: Fix this_cpu_read() (bsc#1110006).\n\n - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit()\n on 32bit (bsc#1105536).\n\n - x86/time: Correct the attribute on jiffies' definition\n (bsc#1110006).\n\n - xen/gntdev: avoid out of bounds access in case of\n partial gntdev_mmap() (bnc#1065600).\n\n - xen: Remove unnecessary BUG_ON from __unbind_from_irq()\n (bnc#1065600).\n\n - xen-swiotlb: fix the check condition for\n xen_swiotlb_free_coherent (bnc#1065600).\n\n - xfrm: use complete IPv6 addresses for hash\n (bsc#1109330).\n\n - xfs: do not fail when converting shortform attr to long\n form during ATTR_REPLACE (bsc#1105025).\n\n - xhci: Add missing CAS workaround for Intel Sunrise Point\n xHCI (bsc#1051510).\n\n - xhci: Do not print a warning when setting link state for\n disabled ports (bsc#1051510).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1055120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1065600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1066674\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1067906\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1076830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1079524\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1083647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1084760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1084831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1091800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1094825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1100132\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1103356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1103543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104124\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104731\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1105025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1105428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1105536\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106237\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1108377\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109330\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109806\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109818\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1110006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111806\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111819\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111901\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111904\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111921\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111928\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111983\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112170\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112173\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112208\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112219\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112372\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112731\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112736\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112738\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112743\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112745\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112878\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112899\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112902\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112903\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112906\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113257\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113295\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113408\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113722\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113751\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113972\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-base-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-base-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-debugsource-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-devel-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-devel-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-base-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-base-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-debugsource-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-devel-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-devel-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-devel-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-docs-html-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-base-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-base-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-debugsource-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-devel-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-devel-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-macros-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-obs-build-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-obs-build-debugsource-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-obs-qa-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-source-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-source-vanilla-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-syms-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-base-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-debugsource-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-devel-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-devel-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-debug-base / kernel-debug-base-debuginfo / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:30:21", "description": "The SUSE Linux Enterprise 12 SP4 kernel for Azure was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).\n\nCVE-2018-18445: Faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372).\n\nCVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).\n\nCVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831).\n\nCVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-11-29T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3934-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16533", "CVE-2017-18224", "CVE-2018-10940", "CVE-2018-16658", "CVE-2018-18386", "CVE-2018-18445", "CVE-2018-18710"], "modified": "2020-06-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-azure", "p-cpe:/a:novell:suse_linux:kernel-azure-base", "p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-azure-debugsource", "p-cpe:/a:novell:suse_linux:kernel-azure-devel", "p-cpe:/a:novell:suse_linux:kernel-syms-azure", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-3934-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119286", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3934-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119286);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/18\");\n\n script_cve_id(\"CVE-2017-16533\", \"CVE-2017-18224\", \"CVE-2018-10940\", \"CVE-2018-16658\", \"CVE-2018-18386\", \"CVE-2018-18445\", \"CVE-2018-18710\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3934-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The SUSE Linux Enterprise 12 SP4 kernel for Azure was updated to\nreceive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2018-18710: An information leak in cdrom_ioctl_select_disc in\ndrivers/cdrom/cdrom.c could be used by local attackers to read kernel\nmemory because a cast from unsigned long to int interferes with bounds\nchecking. This is similar to CVE-2018-10940 and CVE-2018-16658\n(bnc#1113751).\n\nCVE-2018-18445: Faulty computation of numeric bounds in the BPF\nverifier permits out-of-bounds memory accesses because\nadjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit\nright shifts (bnc#1112372).\n\nCVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are\nable to access pseudo terminals) to hang/block further usage of any\npseudo terminal devices due to an EXTPROC versus ICANON confusion in\nTIOCINQ (bnc#1094825).\n\nCVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and\nconsequently has a race condition for access to the extent tree during\nread operations in DIRECT mode, which allowed local users to cause a\ndenial of service (BUG) by modifying a certain e_cpos field\n(bnc#1084831).\n\nCVE-2017-16533: The usbhid_parse function in\ndrivers/hid/usbhid/hid-core.c allowed local users to cause a denial of\nservice (out-of-bounds read and system crash) or possibly have\nunspecified other impact via a crafted USB device (bnc#1066674).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1055120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1061840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1066674\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1067906\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1079524\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086196\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1091800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1094825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1095805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1100132\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101138\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103925\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104124\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104731\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1105025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1105428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1105536\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106237\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106287\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106359\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106838\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108377\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108468\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109330\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109784\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109806\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109818\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111076\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111806\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111811\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111819\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111901\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111904\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111921\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111928\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1111983\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112170\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112173\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112208\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112219\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112372\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112731\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112736\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112738\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112743\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112745\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112878\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112899\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112902\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112903\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112906\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1112907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113257\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113295\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113408\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113722\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113751\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113780\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1113972\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-16533/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-18224/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-18386/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-18445/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-18710/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183934-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c2ceadc2\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2018-2803=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-4.12.14-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-base-4.12.14-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-base-debuginfo-4.12.14-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-debuginfo-4.12.14-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-debugsource-4.12.14-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-azure-devel-4.12.14-6.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-syms-azure-4.12.14-6.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:29:41", "description": "It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10902)\n\nIt was discovered that an integer overrun vulnerability existed in the POSIX timers implementation in the Linux kernel. A local attacker could use this to cause a denial of service. (CVE-2018-12896)\n\nNoam Rathaus discovered that a use-after-free vulnerability existed in the Infiniband implementation in the Linux kernel. An attacker could use this to cause a denial of service (system crash). (CVE-2018-14734)\n\nIt was discovered that the YUREX USB device driver for the Linux kernel did not properly restrict user space reads or writes. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2018-16276)\n\nIt was discovered that the BPF verifier in the Linux kernel did not correctly compute numeric bounds in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-18445)\n\nKanda Motohiro discovered that writing extended attributes to an XFS file system in the Linux kernel in certain situations could cause an error condition to occur. A local attacker could use this to cause a denial of service. (CVE-2018-18690)\n\nIt was discovered that an integer overflow vulnerability existed in the CDROM driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-18710).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-12-21T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-3847-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10902", "CVE-2018-12896", "CVE-2018-14734", "CVE-2018-16276", "CVE-2018-18445", "CVE-2018-18690", "CVE-2018-18710"], "modified": "2020-09-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-3847-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119827", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3847-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119827);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2018-10902\", \"CVE-2018-12896\", \"CVE-2018-14734\", \"CVE-2018-16276\", \"CVE-2018-18445\", \"CVE-2018-18690\", \"CVE-2018-18710\");\n script_xref(name:\"USN\", value:\"3847-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-3847-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that a race condition existed in the raw MIDI driver\nfor the Linux kernel, leading to a double free vulnerability. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2018-10902)\n\nIt was discovered that an integer overrun vulnerability existed in the\nPOSIX timers implementation in the Linux kernel. A local attacker\ncould use this to cause a denial of service. (CVE-2018-12896)\n\nNoam Rathaus discovered that a use-after-free vulnerability existed in\nthe Infiniband implementation in the Linux kernel. An attacker could\nuse this to cause a denial of service (system crash). (CVE-2018-14734)\n\nIt was discovered that the YUREX USB device driver for the Linux\nkernel did not properly restrict user space reads or writes. A\nphysically proximate attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code.\n(CVE-2018-16276)\n\nIt was discovered that the BPF verifier in the Linux kernel did not\ncorrectly compute numeric bounds in some situations. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2018-18445)\n\nKanda Motohiro discovered that writing extended attributes to an XFS\nfile system in the Linux kernel in certain situations could cause an\nerror condition to occur. A local attacker could use this to cause a\ndenial of service. (CVE-2018-18690)\n\nIt was discovered that an integer overflow vulnerability existed in\nthe CDROM driver of the Linux kernel. A local attacker could use this\nto expose sensitive information (kernel memory). (CVE-2018-18710).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3847-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2020 Canonical, Inc. / NASL script (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-10902\", \"CVE-2018-12896\", \"CVE-2018-14734\", \"CVE-2018-16276\", \"CVE-2018-18445\", \"CVE-2018-18690\", \"CVE-2018-18710\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3847-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1026-gcp\", pkgver:\"4.15.0-1026.27\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1028-kvm\", pkgver:\"4.15.0-1028.28\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1030-oem\", pkgver:\"4.15.0-1030.35\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1030-raspi2\", pkgver:\"4.15.0-1030.32\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1031-aws\", pkgver:\"4.15.0-1031.33\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-1036-azure\", pkgver:\"4.15.0-1036.38\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-43-generic\", pkgver:\"4.15.0-43.46\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-43-generic-lpae\", pkgver:\"4.15.0-43.46\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-43-lowlatency\", pkgver:\"4.15.0-43.46\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-4.15.0-43-snapdragon\", pkgver:\"4.15.0-43.46\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-aws\", pkgver:\"4.15.0.1031.30\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-azure\", pkgver:\"4.15.0.1036.36\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gcp\", pkgver:\"4.15.0.1026.28\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic\", pkgver:\"4.15.0.43.45\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.15.0.43.45\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-gke\", pkgver:\"4.15.0.1026.28\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-kvm\", pkgver:\"4.15.0.1028.28\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.15.0.43.45\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-oem\", pkgver:\"4.15.0.1030.35\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.15.0.1030.28\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"4.15.0.43.45\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.15-aws / linux-image-4.15-azure / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:28:05", "description": "The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).\n\n - CVE-2018-18445: Faulty computation of numeric bounds in the BPF verifier permitted out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372).\n\n - CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).\n\n - CVE-2017-18224: fs/ocfs2/aops.c omitted use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831).\n\n - CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).\n\nThe following non-security bugs were fixed :\n\n - acpi / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).\n\n - aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes).\n\n - alsa: hda: Add 2 more models to the power_save blacklist (bsc#1051510).\n\n - alsa: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bsc#1051510).\n\n - alsa: hda - Add quirk for ASUS G751 laptop (bsc#1051510).\n\n - alsa: hda - Fix headphone pin config for ASUS G751 (bsc#1051510).\n\n - alsa: hda: fix unused variable warning (bsc#1051510).\n\n - alsa: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bsc#1051510).\n\n - alsa: usb-audio: update quirk for B&W PX to remove microphone (bsc#1051510).\n\n - apparmor: Check buffer bounds when mapping permissions mask (git-fixes).\n\n - ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bsc#1051510).\n\n - ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).\n\n - ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).\n\n - ASoC: rsnd: do not fallback to PIO mode when\n -EPROBE_DEFER (bsc#1051510).\n\n - ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).\n\n - ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).\n\n - ASoC: wm8804: Add ACPI support (bsc#1051510).\n\n - ath10k: fix kernel panic issue during pci probe (bsc#1051510).\n\n - ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).\n\n - ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).\n\n - batman-adv: Avoid probe ELP information leak (bsc#1051510).\n\n - batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).\n\n - batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).\n\n - bdi: Fix another oops in wb_workfn() (bsc#1112746).\n\n - bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).\n\n - blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers (bsc#1111819).\n\n - blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).\n\n - block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).\n\n - block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).\n\n - block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834).\n\n - bpf/verifier: disallow pointer subtraction (bsc#1083647).\n\n - btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667).\n\n - btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667).\n\n - btrfs: fix file data corruption after cloning a range and fsync (bsc#1111901).\n\n - btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).\n\n - btrfs: fix mount failure after fsync due to hard link recreation (bsc#1103543).\n\n - btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).\n\n - btrfs: send, fix invalid access to commit roots due to concurrent snapshotting (bsc#1111904).\n\n - cdc-acm: fix race between reset and control messaging (bsc#1051510).\n\n - ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).\n\n - cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).\n\n - cifs: fix memory leak in SMB2_open() (bsc#1112894).\n\n - cifs: Fix use after free of a mid_q_entry (bsc#1112903).\n\n - clk: x86: add 'ether_clk' alias for Bay Trail / Cherry Trail (bsc#1051510).\n\n - clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).\n\n - clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).\n\n - clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).\n\n - coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).\n\n - crypto: caam - fix implicit casts in endianness helpers (bsc#1051510).\n\n - crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).\n\n - crypto: lrw - Fix out-of bounds access on counter overflow (bsc#1051510).\n\n - crypto: tcrypt - fix ghash-generic speed test (bsc#1051510).\n\n - dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).\n\n - debugobjects: Make stack check warning more informative (bsc#1051510).\n\n - documentation/l1tf: Fix small spelling typo (bsc#1051510).\n\n - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).\n\n - drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)\n\n - drm/amdgpu/powerplay: fix missing break in switch statements (bsc#1113722)\n\n - drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).\n\n - drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113722)\n\n - drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113722)\n\n - drm/i915/audio: Hook up component bindings even if displays are (bsc#1113722)\n\n - drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode (bsc#1051510).\n\n - drm/i915/gen9+: Fix initial readout for Y tiled framebuffers (bsc#1113722)\n\n - drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).\n\n - drm/i915: Restore vblank interrupts earlier (bsc#1051510).\n\n - drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).\n\n - drm/mediatek: fix OF sibling-node lookup (bsc#1106110)\n\n - drm/msm: fix OF child-node lookup (bsc#1106110)\n\n - drm/nouveau: Do not disable polling in fallback mode (bsc#1103356).\n\n - drm/sti: do not remove the drm_bridge that was never added (bsc#1100132)\n\n - drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)\n\n - drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1113722)\n\n - e1000: check on netif_running() before calling e1000_up() (bsc#1051510).\n\n - e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).\n\n - eeprom: at24: change nvmem stride to 1 (bsc#1051510).\n\n - eeprom: at24: check at24_read/write arguments (bsc#1051510).\n\n - eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).\n\n - enic: do not call enic_change_mtu in enic_probe (bsc#1051510).\n\n - enic: handle mtu change for vf properly (bsc#1051510).\n\n - enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).\n\n - ethtool: fix a privilege escalation bug (bsc#1076830).\n\n - ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).\n\n - ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).\n\n - ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).\n\n - ext4: check for NUL characters in extended attribute's name (bsc#1112732).\n\n - ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).\n\n - ext4: do not mark mmp buffer head dirty (bsc#1112743).\n\n - ext4: fix online resize's handling of a too-small final block group (bsc#1112739).\n\n - ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).\n\n - ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).\n\n - ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).\n\n - ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).\n\n - ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).\n\n - fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).\n\n - fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).\n\n - hfsplus: do not return 0 when fill_super() failed (bsc#1051510).\n\n - hfsplus: stop workqueue when fill_super() failed (bsc#1051510).\n\n - hfs: prevent crash on exit from failed search (bsc#1051510).\n\n - hid: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).\n\n - hid: quirks: fix support for Apple Magic Keyboards (bsc#1051510).\n\n - hid: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).\n\n - hv: avoid crash in vmbus sysfs files (bnc#1108377).\n\n - hv_netvsc: fix schedule in RCU context ().\n\n - hwrng: core - document the quality field (bsc#1051510).\n\n - hypfs_kill_super(): deal with failed allocations (bsc#1051510).\n\n - i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).\n\n - i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).\n\n - iio: adc: at91: fix acking DRDY irq on simple conversions (bsc#1051510).\n\n - iio: adc: at91: fix wrong channel number in triggered buffer mode (bsc#1051510).\n\n - iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bsc#1051510).\n\n - input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).\n\n - input: atakbd - fix Atari keymap (bsc#1051510).\n\n - intel_th: pci: Add Ice Lake PCH support (bsc#1051510).\n\n - iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).\n\n - iommu/vt-d: Add definitions for PFSID (bsc#1106237).\n\n - iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).\n\n - iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).\n\n - iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).\n\n - iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).\n\n - iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).\n\n - iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).\n\n - iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).\n\n - iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).\n\n - iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).\n\n - iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).\n\n - jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).\n\n - kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).\n\n - Kbuild: fix # escaping in .cmd files for future Make (git-fixes).\n\n - kernfs: update comment about kernfs_path() return value (bsc#1051510).\n\n - kprobes/x86: Fix %p uses in error messages (bsc#1110006).\n\n - ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM Functionality bsc#1111806).\n\n - kvm: Make VM ioctl do valloc for some archs (bsc#1111506).\n\n - kvm: SVM: Add MSR-based feature support for serializing LFENCE (bsc#1106240).\n\n - kvm: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).\n\n - kvm: VMX: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).\n\n - kvm: x86: Add a framework for supporting MSR-based features (bsc#1106240).\n\n - kvm: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).\n\n - kvm: X86: Introduce kvm_get_msr_feature() (bsc#1106240).\n\n - kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).\n\n - kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).\n\n - libertas: call into generic suspend code before turning off power (bsc#1051510).\n\n - libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).\n\n - lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).\n\n - loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).\n\n - loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).\n\n - loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).\n\n - mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).\n\n - mach64: detect the dot clock divider correctly on sparc (bsc#1051510).\n\n - media: af9035: prevent buffer overflow on write (bsc#1051510).\n\n - media: cx231xx: fix potential sign-extension overflow on large shift (bsc#1051510).\n\n - media: dvb: fix compat ioctl translation (bsc#1051510).\n\n - media: em28xx: fix input name for Terratec AV 350 (bsc#1051510).\n\n - media: em28xx: use a default format if TRY_FMT fails (bsc#1051510).\n\n - media: pci: cx23885: handle adding to list failure (bsc#1051510).\n\n - media: tvp5150: avoid going past array on v4l2_querymenu() (bsc#1051510).\n\n - media: tvp5150: fix switch exit in set control handler (bsc#1051510).\n\n - media: tvp5150: fix width alignment during set_selection() (bsc#1051510).\n\n - media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1051510).\n\n - media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bsc#1051510).\n\n - media: vsp1: Fix YCbCr planar formats pitch calculation (bsc#1051510).\n\n - mfd: arizona: Correct calling of runtime_put_sync (bsc#1051510).\n\n - mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).\n\n - mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal (bsc#1111841).\n\n - mm/migrate: Use spin_trylock() while resetting rate limit ().\n\n - mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).\n\n - move changes without Git-commit out of sorted section\n\n - nfc: nfcmrvl_uart: fix OF child-node lookup (bsc#1051510).\n\n - nfs: Avoid quadratic search when freeing delegations (bsc#1084760).\n\n - nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - of: add helper to lookup compatible child node (bsc#1106110)\n\n - orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).\n\n - orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).\n\n - orangefs_kill_sb(): deal with allocation failures (bsc#1051510).\n\n - orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).\n\n - ovl: fix format of setxattr debug (git-fixes).\n\n - ovl: Sync upper dirty data when syncing overlayfs (git-fixes).\n\n - pci/ASPM: Fix link_state teardown on device removal (bsc#1051510).\n\n - pci: hv: Do not wait forever on a device that has disappeared (bsc#1109806).\n\n - pci: Reprogram bridge prefetch registers on resume (bsc#1051510).\n\n - powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb (bsc#1091800).\n\n - powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).\n\n - powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).\n\n - powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).\n\n - powerpc/pseries: Fix 'OF: ERROR: Bad of_node_put() on /cpus' during DLPAR (bsc#1113295).\n\n - powerpc: pseries: remove dlpar_attach_node dependency on full path (bsc#1113295).\n\n - powerpc/rtas: Fix a potential race between CPU-Offline & Migration (bsc#1111870).\n\n - printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).\n\n - printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).\n\n - proc: restrict kernel stack dumps to root (git-fixes).\n blacklist.conf :\n\n - qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).\n\n - qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).\n\n - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).\n\n - random: rate limit unseeded randomness warnings (git-fixes).\n\n - rculist: add list_for_each_entry_from_rcu() (bsc#1084760).\n\n - rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).\n\n - reiserfs: add check to detect corrupted directory entry (bsc#1109818).\n\n - reiserfs: do not panic on bad directory entries (bsc#1109818).\n\n - scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).\n\n - scsi: ipr: Eliminate duplicate barriers ().\n\n - scsi: ipr: fix incorrect indentation of assignment statement ().\n\n - scsi: ipr: Use dma_pool_zalloc() ().\n\n - scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).\n\n - scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).\n\n - scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1111830).\n\n - scsi: target: prefer dbroot of /etc/target over /var/target (bsc#1111928).\n\n - serial: 8250: Fix clearing FIFOs in RS485 mode again (bsc#1051510).\n\n - series.conf: moved some Xen patches to the sorted region xen/blkfront: correct purging of persistent grants (bnc#1112514).\n\n - signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).\n\n - smb2: fix missing files in root share directory listing (bsc#1112907).\n\n - smb3: fill in statfs fsid and correct namelen (bsc#1112905).\n\n - smb3: fix reset of bytes read and written stats (bsc#1112906).\n\n - smb3: on reconnect set PreviousSessionId field (bsc#1112899).\n\n - sock_diag: fix use-after-free read in __sk_free (bsc#1051510).\n\n - soc/tegra: pmc: Fix child-node lookup (bsc#1051510).\n\n - sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).\n\n - sound: enable interrupt after dma buffer initialization (bsc#1051510).\n\n - spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510).\n\n - spi: bcm-qspi: switch back to reading flash using smaller chunks (bsc#1051510).\n\n - spi: sh-msiof: fix deferred probing (bsc#1051510).\n\n - squashfs: more metadata hardening (bsc#1051510).\n\n - staging: comedi: ni_mio_common: protect register write overflow (bsc#1051510).\n\n - stm: Potential read overflow in stm_char_policy_set_ioctl() (bsc#1051510).\n\n - switchtec: Fix Spectre v1 vulnerability (bsc#1051510).\n\n - sysfs: Do not return POSIX ACL xattrs via listxattr (git-fixes).\n\n - target: log Data-Out timeouts as errors (bsc#1095805).\n\n - target: log NOP ping timeouts as errors (bsc#1095805).\n\n - target: split out helper for cxn timeout error stashing (bsc#1095805).\n\n - target: stash sess_err_stats on Data-Out timeout (bsc#1095805).\n\n - target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).\n\n - team: Forbid enslaving team device to itself (bsc#1051510).\n\n - tools build: fix # escaping in .cmd files for future Make (git-fixes).\n\n - tools/vm/page-types.c: fix 'defined but not used' warning (bsc#1051510).\n\n - tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).\n\n - tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219).\n\n - tty: fix data race between tty_init_dev and flush of buf (bnc#1105428).\n\n - tty: Hold tty_ldisc_lock() during tty_reopen() (bnc#1105428).\n\n - tty/ldsem: Add lockdep asserts for ldisc_sem (bnc#1105428).\n\n - tty/ldsem: Convert to regular lockdep annotations (bnc#1105428).\n\n - tty/ldsem: Decrement wait_readers on timeouted down_read() (bnc#1105428).\n\n - tty/ldsem: Wake up readers after timed out down_write() (bnc#1105428).\n\n - tty: Simplify tty->count math in tty_reopen() (bnc#1105428).\n\n - usb: chipidea: Prevent unbalanced IRQ disable (bsc#1051510).\n\n - usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bsc#1051510).\n\n - usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure (bsc#1051510).\n\n - usb: gadget: fsl_udc_core: fixup struct_udc_setup documentation (bsc#1051510).\n\n - usbip: tools: fix atoi() on non-null terminated string (bsc#1051510).\n\n - usb: remove LPM management from usb_driver_claim_interface() (bsc#1051510).\n\n - usb: serial: cypress_m8: fix interrupt-out transfer length (bsc#1051510).\n\n - usb: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510).\n\n - usb: xhci-mtk: resume USB3 roothub first (bsc#1051510).\n\n - usb: yurex: Check for truncation in yurex_read() (bsc#1051510).\n\n - userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739).\n\n - Use upstream version of pci-hyperv patch (35a88a1)\n\n - vmbus: do not return values for uninitalized channels (bsc#1051510).\n\n - vti4: Do not count header length twice on tunnel setup (bsc#1051510).\n\n - vti6: fix PMTU caching and reporting on xmit (bsc#1051510).\n\n - vti6: remove !skb->ignore_df check from vti6_xmit() (bsc#1051510).\n\n - Workaround for mysterious NVMe breakage with i915 CFL (bsc#1111040).\n\n - x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006).\n\n - x86/boot/KASLR: Work around firmware bugs by excluding EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR's choice (bnc#1112878).\n\n - x86/boot: Move EISA setup to a separate file (bsc#1110006).\n\n - x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006).\n\n - x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006).\n\n - x86/eisa: Add missing include (bsc#1110006).\n\n - x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).\n\n - x86/fpu: Remove second definition of fpu in\n __fpu__restore_sig() (bsc#1110006).\n\n - x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).\n\n - x86/MCE: Fix stack out-of-bounds write in mce-inject.c:\n Flags_read() (bsc#1110006).\n\n - x86/paravirt: Fix some warning messages (bnc#1065600).\n\n - x86/percpu: Fix this_cpu_read() (bsc#1110006).\n\n - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bsc#1105536).\n\n - x86/time: Correct the attribute on jiffies' definition (bsc#1110006).\n\n - xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bnc#1065600).\n\n - xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bnc#1065600).\n\n - xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1065600).\n\n - xfrm: use complete IPv6 addresses for hash (bsc#1109330).\n\n - xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).\n\n - xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bsc#1051510).\n\n - xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510).", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-03-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2019-893)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16533", "CVE-2017-18224", "CVE-2018-10940", "CVE-2018-16658", "CVE-2018-18386", "CVE-2018-18445", "CVE-2018-18710"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-kvmsmall", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-base", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-893.NASL", "href": "https://www.tenable.com/plugins/nessus/123366", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-893.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123366);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-16533\", \"CVE-2017-18224\", \"CVE-2018-10940\", \"CVE-2018-16658\", \"CVE-2018-18386\", \"CVE-2018-18445\", \"CVE-2018-18710\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2019-893)\");\n script_summary(english:\"Check for the openSUSE-2019-893 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE Leap 15.0 kernel was updated to receive various security\nand bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2018-18710: An information leak in\n cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could\n be used by local attackers to read kernel memory because\n a cast from unsigned long to int interferes with bounds\n checking. This is similar to CVE-2018-10940 and\n CVE-2018-16658 (bnc#1113751).\n\n - CVE-2018-18445: Faulty computation of numeric bounds in\n the BPF verifier permitted out-of-bounds memory accesses\n because adjust_scalar_min_max_vals in\n kernel/bpf/verifier.c mishandled 32-bit right shifts\n (bnc#1112372).\n\n - CVE-2018-18386: drivers/tty/n_tty.c allowed local\n attackers (who are able to access pseudo terminals) to\n hang/block further usage of any pseudo terminal devices\n due to an EXTPROC versus ICANON confusion in TIOCINQ\n (bnc#1094825).\n\n - CVE-2017-18224: fs/ocfs2/aops.c omitted use of a\n semaphore and consequently has a race condition for\n access to the extent tree during read operations in\n DIRECT mode, which allowed local users to cause a denial\n of service (BUG) by modifying a certain e_cpos field\n (bnc#1084831).\n\n - CVE-2017-16533: The usbhid_parse function in\n drivers/hid/usbhid/hid-core.c allowed local users to\n cause a denial of service (out-of-bounds read and system\n crash) or possibly have unspecified other impact via a\n crafted USB device (bnc#1066674).\n\nThe following non-security bugs were fixed :\n\n - acpi / processor: Fix the return value of\n acpi_processor_ids_walk() (bsc#1051510).\n\n - aio: fix io_destroy(2) vs. lookup_ioctx() race\n (git-fixes).\n\n - alsa: hda: Add 2 more models to the power_save blacklist\n (bsc#1051510).\n\n - alsa: hda - Add mic quirk for the Lenovo G50-30\n (17aa:3905) (bsc#1051510).\n\n - alsa: hda - Add quirk for ASUS G751 laptop\n (bsc#1051510).\n\n - alsa: hda - Fix headphone pin config for ASUS G751\n (bsc#1051510).\n\n - alsa: hda: fix unused variable warning (bsc#1051510).\n\n - alsa: hda/realtek - Fix the problem of the front MIC on\n the Lenovo M715 (bsc#1051510).\n\n - alsa: usb-audio: update quirk for B&W PX to remove\n microphone (bsc#1051510).\n\n - apparmor: Check buffer bounds when mapping permissions\n mask (git-fixes).\n\n - ASoC: intel: skylake: Add missing break in\n skl_tplg_get_token() (bsc#1051510).\n\n - ASoC: Intel: Skylake: Reset the controller in probe\n (bsc#1051510).\n\n - ASoC: rsnd: adg: care clock-frequency size\n (bsc#1051510).\n\n - ASoC: rsnd: do not fallback to PIO mode when\n -EPROBE_DEFER (bsc#1051510).\n\n - ASoC: rt5514: Fix the issue of the delay volume applied\n again (bsc#1051510).\n\n - ASoC: sigmadsp: safeload should not have lower byte\n limit (bsc#1051510).\n\n - ASoC: wm8804: Add ACPI support (bsc#1051510).\n\n - ath10k: fix kernel panic issue during pci probe\n (bsc#1051510).\n\n - ath10k: fix scan crash due to incorrect length\n calculation (bsc#1051510).\n\n - ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait\n (bsc#1051510).\n\n - batman-adv: Avoid probe ELP information leak\n (bsc#1051510).\n\n - batman-adv: fix backbone_gw refcount on queue_work()\n failure (bsc#1051510).\n\n - batman-adv: fix hardif_neigh refcount on queue_work()\n failure (bsc#1051510).\n\n - bdi: Fix another oops in wb_workfn() (bsc#1112746).\n\n - bdi: Preserve kabi when adding cgwb_release_mutex\n (bsc#1112746).\n\n - blkdev_report_zones_ioctl(): Use vmalloc() to allocate\n large buffers (bsc#1111819).\n\n - blk-mq: I/O and timer unplugs are inverted in blktrace\n (bsc#1112713).\n\n - block, bfq: fix wrong init of saved start time for\n weight raising (bsc#1112708).\n\n - block: bfq: swap puts in bfqg_and_blkg_put\n (bsc#1112712).\n\n - block: bvec_nr_vecs() returns value for wrong slab\n (bsc#1111834).\n\n - bpf/verifier: disallow pointer subtraction\n (bsc#1083647).\n\n - btrfs: Enhance btrfs_trim_fs function to handle error\n better (Dependency for bsc#1113667).\n\n - btrfs: Ensure btrfs_trim_fs can trim the whole\n filesystem (bsc#1113667).\n\n - btrfs: fix file data corruption after cloning a range\n and fsync (bsc#1111901).\n\n - btrfs: fix missing error return in btrfs_drop_snapshot\n (Git-fixes bsc#1109919).\n\n - btrfs: fix mount failure after fsync due to hard link\n recreation (bsc#1103543).\n\n - btrfs: handle errors while updating refcounts in\n update_ref_for_cow (Git-fixes bsc#1109915).\n\n - btrfs: send, fix invalid access to commit roots due to\n concurrent snapshotting (bsc#1111904).\n\n - cdc-acm: fix race between reset and control messaging\n (bsc#1051510).\n\n - ceph: avoid a use-after-free in ceph_destroy_options()\n (bsc#1111983).\n\n - cifs: check for STATUS_USER_SESSION_DELETED\n (bsc#1112902).\n\n - cifs: fix memory leak in SMB2_open() (bsc#1112894).\n\n - cifs: Fix use after free of a mid_q_entry (bsc#1112903).\n\n - clk: x86: add 'ether_clk' alias for Bay Trail / Cherry\n Trail (bsc#1051510).\n\n - clk: x86: Stop marking clocks as CLK_IS_CRITICAL\n (bsc#1051510).\n\n - clocksource/drivers/ti-32k: Add\n CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs\n (bsc#1051510).\n\n - clocksource/drivers/timer-atmel-pit: Properly handle\n error cases (bsc#1051510).\n\n - coda: fix 'kernel memory exposure attempt' in fsync\n (bsc#1051510).\n\n - crypto: caam - fix implicit casts in endianness helpers\n (bsc#1051510).\n\n - crypto: chelsio - Fix memory corruption in DMA Mapped\n buffers (bsc#1051510).\n\n - crypto: lrw - Fix out-of bounds access on counter\n overflow (bsc#1051510).\n\n - crypto: tcrypt - fix ghash-generic speed test\n (bsc#1051510).\n\n - dax: Fix deadlock in dax_lock_mapping_entry()\n (bsc#1109951).\n\n - debugobjects: Make stack check warning more informative\n (bsc#1051510).\n\n - documentation/l1tf: Fix small spelling typo\n (bsc#1051510).\n\n - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7\n (bsc#1051510).\n\n - drm/amdgpu: Fix vce work queue was not cancelled when\n suspend (bsc#1106110)\n\n - drm/amdgpu/powerplay: fix missing break in switch\n statements (bsc#1113722)\n\n - drm/edid: VSDB yCBCr420 Deep Color mode bit definitions\n (bsc#1051510).\n\n - drm/hisilicon: hibmc: Do not carry error code in HiBMC\n framebuffer (bsc#1113722)\n\n - drm/hisilicon: hibmc: Do not overwrite fb helper surface\n depth (bsc#1113722)\n\n - drm/i915/audio: Hook up component bindings even if\n displays are (bsc#1113722)\n\n - drm/i915/dp: Link train Fallback on eDP only if fallback\n link BW can fit panel's native mode (bsc#1051510).\n\n - drm/i915/gen9+: Fix initial readout for Y tiled\n framebuffers (bsc#1113722)\n\n - drm/i915/glk: Add Quirk for GLK NUC HDMI port issues\n (bsc#1051510).\n\n - drm/i915: Restore vblank interrupts earlier\n (bsc#1051510).\n\n - drm: mali-dp: Call drm_crtc_vblank_reset on device init\n (bsc#1051510).\n\n - drm/mediatek: fix OF sibling-node lookup (bsc#1106110)\n\n - drm/msm: fix OF child-node lookup (bsc#1106110)\n\n - drm/nouveau: Do not disable polling in fallback mode\n (bsc#1103356).\n\n - drm/sti: do not remove the drm_bridge that was never\n added (bsc#1100132)\n\n - drm/sun4i: Fix an ulong overflow in the dotclock driver\n (bsc#1106110)\n\n - drm/virtio: fix bounds check in\n virtio_gpu_cmd_get_capset() (bsc#1113722)\n\n - e1000: check on netif_running() before calling\n e1000_up() (bsc#1051510).\n\n - e1000: ensure to free old tx/rx rings in set_ringparam()\n (bsc#1051510).\n\n - eeprom: at24: change nvmem stride to 1 (bsc#1051510).\n\n - eeprom: at24: check at24_read/write arguments\n (bsc#1051510).\n\n - eeprom: at24: correctly set the size for at24mac402\n (bsc#1051510).\n\n - enic: do not call enic_change_mtu in enic_probe\n (bsc#1051510).\n\n - enic: handle mtu change for vf properly (bsc#1051510).\n\n - enic: initialize enic->rfs_h.lock in enic_probe\n (bsc#1051510).\n\n - ethtool: fix a privilege escalation bug (bsc#1076830).\n\n - ext2, dax: set ext2_dax_aops for dax files\n (bsc#1112554).\n\n - ext4: avoid arithemetic overflow that can trigger a BUG\n (bsc#1112736).\n\n - ext4: avoid divide by zero fault when deleting corrupted\n inline directories (bsc#1112735).\n\n - ext4: check for NUL characters in extended attribute's\n name (bsc#1112732).\n\n - ext4: check to make sure the rename(2)'s destination is\n not freed (bsc#1112734).\n\n - ext4: do not mark mmp buffer head dirty (bsc#1112743).\n\n - ext4: fix online resize's handling of a too-small final\n block group (bsc#1112739).\n\n - ext4: fix online resizing for bigalloc file systems with\n a 1k block size (bsc#1112740).\n\n - ext4: fix spectre gadget in ext4_mb_regular_allocator()\n (bsc#1112733).\n\n - ext4: recalucate superblock checksum after updating free\n blocks/inodes (bsc#1112738).\n\n - ext4: reset error code in ext4_find_entry in fallback\n (bsc#1112731).\n\n - ext4: show test_dummy_encryption mount option in\n /proc/mounts (bsc#1112741).\n\n - fbdev/omapfb: fix omapfb_memory_read infoleak\n (bsc#1051510).\n\n - fs/quota: Fix spectre gadget in do_quotactl\n (bsc#1112745).\n\n - hfsplus: do not return 0 when fill_super() failed\n (bsc#1051510).\n\n - hfsplus: stop workqueue when fill_super() failed\n (bsc#1051510).\n\n - hfs: prevent crash on exit from failed search\n (bsc#1051510).\n\n - hid: hid-sensor-hub: Force logical minimum to 1 for\n power and report state (bsc#1051510).\n\n - hid: quirks: fix support for Apple Magic Keyboards\n (bsc#1051510).\n\n - hid: sensor-hub: Restore fixup for Lenovo ThinkPad Helix\n 2 sensor hub report (bsc#1051510).\n\n - hv: avoid crash in vmbus sysfs files (bnc#1108377).\n\n - hv_netvsc: fix schedule in RCU context ().\n\n - hwrng: core - document the quality field (bsc#1051510).\n\n - hypfs_kill_super(): deal with failed allocations\n (bsc#1051510).\n\n - i2c: i2c-scmi: fix for i2c_smbus_write_block_data\n (bsc#1051510).\n\n - i2c: rcar: cleanup DMA for all kinds of failure\n (bsc#1051510).\n\n - iio: adc: at91: fix acking DRDY irq on simple\n conversions (bsc#1051510).\n\n - iio: adc: at91: fix wrong channel number in triggered\n buffer mode (bsc#1051510).\n\n - iio: adc: imx25-gcq: Fix leak of device_node in\n mx25_gcq_setup_cfgs() (bsc#1051510).\n\n - input: atakbd - fix Atari CapsLock behaviour\n (bsc#1051510).\n\n - input: atakbd - fix Atari keymap (bsc#1051510).\n\n - intel_th: pci: Add Ice Lake PCH support (bsc#1051510).\n\n - iommu/arm-smmu: Error out only if not enough context\n interrupts (bsc#1106237).\n\n - iommu/vt-d: Add definitions for PFSID (bsc#1106237).\n\n - iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).\n\n - iommu/vt-d: Fix scatterlist offset handling\n (bsc#1106237).\n\n - iwlwifi: dbg: do not crash if the firmware crashes in\n the middle of a debug dump (bsc#1051510).\n\n - iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).\n\n - iwlwifi: mvm: check for n_profiles validity in EWRD ACPI\n (bsc#1051510).\n\n - iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping\n the interface (bsc#1051510).\n\n - iwlwifi: mvm: open BA session only when sta is\n authorized (bsc#1051510).\n\n - iwlwifi: mvm: send BCAST management frames to the right\n station (bsc#1051510).\n\n - iwlwifi: pcie: gen2: build A-MSDU only for GSO\n (bsc#1051510).\n\n - iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return\n value (bsc#1051510).\n\n - jbd2: fix use after free in jbd2_log_do_checkpoint()\n (bsc#1113257).\n\n - kABI: Hide get_msr_feature() in kvm_x86_ops\n (bsc#1106240).\n\n - Kbuild: fix # escaping in .cmd files for future Make\n (git-fixes).\n\n - kernfs: update comment about kernfs_path() return value\n (bsc#1051510).\n\n - kprobes/x86: Fix %p uses in error messages\n (bsc#1110006).\n\n - ksm: fix unlocked iteration over vmas in\n cmp_and_merge_page() (VM Functionality bsc#1111806).\n\n - kvm: Make VM ioctl do valloc for some archs\n (bsc#1111506).\n\n - kvm: SVM: Add MSR-based feature support for serializing\n LFENCE (bsc#1106240).\n\n - kvm: VMX: support MSR_IA32_ARCH_CAPABILITIES as a\n feature MSR (bsc#1106240).\n\n - kvm: VMX: Tell the nested hypervisor to skip L1D flush\n on vmentry (bsc#1106240).\n\n - kvm: x86: Add a framework for supporting MSR-based\n features (bsc#1106240).\n\n - kvm: x86: define SVM/VMX specific\n kvm_arch_[alloc|free]_vm (bsc#1111506).\n\n - kvm: X86: Introduce kvm_get_msr_feature() (bsc#1106240).\n\n - kvm/x86: kABI fix for vm_alloc/vm_free changes\n (bsc#1111506).\n\n - kvm: x86: Set highest physical address bits in\n non-present/reserved SPTEs (bsc#1106240).\n\n - libertas: call into generic suspend code before turning\n off power (bsc#1051510).\n\n - libnvdimm, dimm: Maximize label transfer size\n (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - libnvdimm, label: change nvdimm_num_label_slots per UEFI\n 2.7 (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - libnvdimm, label: Fix sparse warning (bsc#1111921,\n bsc#1113408, bsc#1113972).\n\n - lib/ubsan: add type mismatch handler for new GCC/Clang\n (bsc#1051510).\n\n - lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).\n\n - loop: add recursion validation to LOOP_CHANGE_FD\n (bsc#1112711).\n\n - loop: do not call into filesystem while holding\n lo_ctl_mutex (bsc#1112710).\n\n - loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).\n\n - mac80211: minstrel: fix using short preamble CCK rates\n on HT clients (bsc#1051510).\n\n - mach64: detect the dot clock divider correctly on sparc\n (bsc#1051510).\n\n - media: af9035: prevent buffer overflow on write\n (bsc#1051510).\n\n - media: cx231xx: fix potential sign-extension overflow on\n large shift (bsc#1051510).\n\n - media: dvb: fix compat ioctl translation (bsc#1051510).\n\n - media: em28xx: fix input name for Terratec AV 350\n (bsc#1051510).\n\n - media: em28xx: use a default format if TRY_FMT fails\n (bsc#1051510).\n\n - media: pci: cx23885: handle adding to list failure\n (bsc#1051510).\n\n - media: tvp5150: avoid going past array on\n v4l2_querymenu() (bsc#1051510).\n\n - media: tvp5150: fix switch exit in set control handler\n (bsc#1051510).\n\n - media: tvp5150: fix width alignment during\n set_selection() (bsc#1051510).\n\n - media: uvcvideo: Fix uvc_alloc_entity() allocation\n alignment (bsc#1051510).\n\n - media: v4l2-tpg: fix kernel oops when enabling HFLIP and\n OSD (bsc#1051510).\n\n - media: vsp1: Fix YCbCr planar formats pitch calculation\n (bsc#1051510).\n\n - mfd: arizona: Correct calling of runtime_put_sync\n (bsc#1051510).\n\n - mmc: block: avoid multiblock reads for the last sector\n in SPI mode (bsc#1051510).\n\n - mm: fix BUG_ON() in vmf_insert_pfn_pud() from\n VM_MIXEDMAP removal (bsc#1111841).\n\n - mm/migrate: Use spin_trylock() while resetting rate\n limit ().\n\n - mm: /proc/pid/pagemap: hide swap entries from\n unprivileged users (Git-fixes bsc#1109907).\n\n - move changes without Git-commit out of sorted section\n\n - nfc: nfcmrvl_uart: fix OF child-node lookup\n (bsc#1051510).\n\n - nfs: Avoid quadratic search when freeing delegations\n (bsc#1084760).\n\n - nvdimm: Clarify comment in sizeof_namespace_index\n (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - nvdimm: Remove empty if statement (bsc#1111921,\n bsc#1113408, bsc#1113972).\n\n - nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408,\n bsc#1113972).\n\n - nvdimm: Split label init out from the logic for getting\n config data (bsc#1111921, bsc#1113408, bsc#1113972).\n\n - nvdimm: Use namespace index data to reduce number of\n label reads needed (bsc#1111921, bsc#1113408,\n bsc#1113972).\n\n - of: add helper to lookup compatible child node\n (bsc#1106110)\n\n - orangefs: fix deadlock; do not write i_size in read_iter\n (bsc#1051510).\n\n - orangefs: initialize op on loop restart in\n orangefs_devreq_read (bsc#1051510).\n\n - orangefs_kill_sb(): deal with allocation failures\n (bsc#1051510).\n\n - orangefs: use list_for_each_entry_safe in\n purge_waiting_ops (bsc#1051510).\n\n - ovl: fix format of setxattr debug (git-fixes).\n\n - ovl: Sync upper dirty data when syncing overlayfs\n (git-fixes).\n\n - pci/ASPM: Fix link_state teardown on device removal\n (bsc#1051510).\n\n - pci: hv: Do not wait forever on a device that has\n disappeared (bsc#1109806).\n\n - pci: Reprogram bridge prefetch registers on resume\n (bsc#1051510).\n\n - powerpc/mm/hugetlb: initialize the pagetable cache\n correctly for hugetlb (bsc#1091800).\n\n - powerpc/powernv/ioda2: Reduce upper limit for DMA window\n size (bsc#1055120).\n\n - powerpc/pseries: Fix build break for SPLPAR=n and CPU\n hotplug (bsc#1079524, git-fixes).\n\n - powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906,\n git-fixes).\n\n - powerpc/pseries: Fix 'OF: ERROR: Bad of_node_put() on\n /cpus' during DLPAR (bsc#1113295).\n\n - powerpc: pseries: remove dlpar_attach_node dependency on\n full path (bsc#1113295).\n\n - powerpc/rtas: Fix a potential race between CPU-Offline &\n Migration (bsc#1111870).\n\n - printk: drop in_nmi check from\n printk_safe_flush_on_panic() (bsc#1112170).\n\n - printk/tracing: Do not trace printk_nmi_enter()\n (bsc#1112208).\n\n - proc: restrict kernel stack dumps to root (git-fixes).\n blacklist.conf :\n\n - qmi_wwan: Added support for Gemalto's Cinterion ALASxx\n WWAN interface (bsc#1051510).\n\n - qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).\n\n - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing\n RTL_FLAG_TASK_ENABLED (bsc#1051510).\n\n - random: rate limit unseeded randomness warnings\n (git-fixes).\n\n - rculist: add list_for_each_entry_from_rcu()\n (bsc#1084760).\n\n - rculist: Improve documentation for\n list_for_each_entry_from_rcu() (bsc#1084760).\n\n - reiserfs: add check to detect corrupted directory entry\n (bsc#1109818).\n\n - reiserfs: do not panic on bad directory entries\n (bsc#1109818).\n\n - scsi: core: Allow state transitions from OFFLINE to\n BLOCKED (bsc#1112246).\n\n - scsi: ipr: Eliminate duplicate barriers ().\n\n - scsi: ipr: fix incorrect indentation of assignment\n statement ().\n\n - scsi: ipr: Use dma_pool_zalloc() ().\n\n - scsi: libfc: check fc_frame_payload_get() return value\n for null (bsc#1104731).\n\n - scsi: libfc: retry PRLI if we cannot analyse the payload\n (bsc#1104731).\n\n - scsi: qla2xxx: Fix memory leak for allocating abort IOCB\n (bsc#1111830).\n\n - scsi: target: prefer dbroot of /etc/target over\n /var/target (bsc#1111928).\n\n - serial: 8250: Fix clearing FIFOs in RS485 mode again\n (bsc#1051510).\n\n - series.conf: moved some Xen patches to the sorted region\n xen/blkfront: correct purging of persistent grants\n (bnc#1112514).\n\n - signal: Properly deliver SIGSEGV from x86 uprobes\n (bsc#1110006).\n\n - smb2: fix missing files in root share directory listing\n (bsc#1112907).\n\n - smb3: fill in statfs fsid and correct namelen\n (bsc#1112905).\n\n - smb3: fix reset of bytes read and written stats\n (bsc#1112906).\n\n - smb3: on reconnect set PreviousSessionId field\n (bsc#1112899).\n\n - sock_diag: fix use-after-free read in __sk_free\n (bsc#1051510).\n\n - soc/tegra: pmc: Fix child-node lookup (bsc#1051510).\n\n - sound: do not call skl_init_chip() to reset intel skl\n soc (bsc#1051510).\n\n - sound: enable interrupt after dma buffer initialization\n (bsc#1051510).\n\n - spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510).\n\n - spi: bcm-qspi: switch back to reading flash using\n smaller chunks (bsc#1051510).\n\n - spi: sh-msiof: fix deferred probing (bsc#1051510).\n\n - squashfs: more metadata hardening (bsc#1051510).\n\n - staging: comedi: ni_mio_common: protect register write\n overflow (bsc#1051510).\n\n - stm: Potential read overflow in\n stm_char_policy_set_ioctl() (bsc#1051510).\n\n - switchtec: Fix Spectre v1 vulnerability (bsc#1051510).\n\n - sysfs: Do not return POSIX ACL xattrs via listxattr\n (git-fixes).\n\n - target: log Data-Out timeouts as errors (bsc#1095805).\n\n - target: log NOP ping timeouts as errors (bsc#1095805).\n\n - target: split out helper for cxn timeout error stashing\n (bsc#1095805).\n\n - target: stash sess_err_stats on Data-Out timeout\n (bsc#1095805).\n\n - target: use ISCSI_IQN_LEN in iscsi_target_stat\n (bsc#1095805).\n\n - team: Forbid enslaving team device to itself\n (bsc#1051510).\n\n - tools build: fix # escaping in .cmd files for future\n Make (git-fixes).\n\n - tools/vm/page-types.c: fix 'defined but not used'\n warning (bsc#1051510).\n\n - tools/vm/slabinfo.c: fix sign-compare warning\n (bsc#1051510).\n\n - tracing: Add barrier to trace_printk() buffer nesting\n modification (bsc#1112219).\n\n - tty: fix data race between tty_init_dev and flush of buf\n (bnc#1105428).\n\n - tty: Hold tty_ldisc_lock() during tty_reopen()\n (bnc#1105428).\n\n - tty/ldsem: Add lockdep asserts for ldisc_sem\n (bnc#1105428).\n\n - tty/ldsem: Convert to regular lockdep annotations\n (bnc#1105428).\n\n - tty/ldsem: Decrement wait_readers on timeouted\n down_read() (bnc#1105428).\n\n - tty/ldsem: Wake up readers after timed out down_write()\n (bnc#1105428).\n\n - tty: Simplify tty->count math in tty_reopen()\n (bnc#1105428).\n\n - usb: chipidea: Prevent unbalanced IRQ disable\n (bsc#1051510).\n\n - usb: gadget: fotg210-udc: Fix memory leak of\n fotg210->ep[i] (bsc#1051510).\n\n - usb: gadget: fsl_udc_core: check allocation return value\n and cleanup on failure (bsc#1051510).\n\n - usb: gadget: fsl_udc_core: fixup struct_udc_setup\n documentation (bsc#1051510).\n\n - usbip: tools: fix atoi() on non-null terminated string\n (bsc#1051510).\n\n - usb: remove LPM management from\n usb_driver_claim_interface() (bsc#1051510).\n\n - usb: serial: cypress_m8: fix interrupt-out transfer\n length (bsc#1051510).\n\n - usb: serial: simple: add Motorola Tetra MTP6550 id\n (bsc#1051510).\n\n - usb: xhci-mtk: resume USB3 roothub first (bsc#1051510).\n\n - usb: yurex: Check for truncation in yurex_read()\n (bsc#1051510).\n\n - userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait()\n pte access (bsc#1109739).\n\n - Use upstream version of pci-hyperv patch (35a88a1)\n\n - vmbus: do not return values for uninitalized channels\n (bsc#1051510).\n\n - vti4: Do not count header length twice on tunnel setup\n (bsc#1051510).\n\n - vti6: fix PMTU caching and reporting on xmit\n (bsc#1051510).\n\n - vti6: remove !skb->ignore_df check from vti6_xmit()\n (bsc#1051510).\n\n - Workaround for mysterious NVMe breakage with i915 CFL\n (bsc#1111040).\n\n - x86/acpi: Prevent X2APIC id 0xffffffff from being\n accounted (bsc#1110006).\n\n - x86/boot/KASLR: Work around firmware bugs by excluding\n EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR's choice\n (bnc#1112878).\n\n - x86/boot: Move EISA setup to a separate file\n (bsc#1110006).\n\n - x86/cpufeature: Add User-Mode Instruction Prevention\n definitions (bsc#1110006).\n\n - x86/cpufeatures: Add Intel Total Memory Encryption\n cpufeature (bsc#1110006).\n\n - x86/eisa: Add missing include (bsc#1110006).\n\n - x86/EISA: Do not probe EISA bus for Xen PV guests\n (bsc#1110006).\n\n - x86/fpu: Remove second definition of fpu in\n __fpu__restore_sig() (bsc#1110006).\n\n - x86/kasan: Panic if there is not enough memory to boot\n (bsc#1110006).\n\n - x86/MCE: Fix stack out-of-bounds write in mce-inject.c:\n Flags_read() (bsc#1110006).\n\n - x86/paravirt: Fix some warning messages (bnc#1065600).\n\n - x86/percpu: Fix this_cpu_read() (bsc#1110006).\n\n - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit()\n on 32bit (bsc#1105536).\n\n - x86/time: Correct the attribute on jiffies' definition\n (bsc#1110006).\n\n - xen/gntdev: avoid out of bounds access in case of\n partial gntdev_mmap() (bnc#1065600).\n\n - xen: Remove unnecessary BUG_ON from __unbind_from_irq()\n (bnc#1065600).\n\n - xen-swiotlb: fix the check condition for\n xen_swiotlb_free_coherent (bnc#1065600).\n\n - xfrm: use complete IPv6 addresses for hash\n (bsc#1109330).\n\n - xfs: do not fail when converting shortform attr to long\n form during ATTR_REPLACE (bsc#1105025).\n\n - xhci: Add missing CAS workaround for Intel Sunrise Point\n xHCI (bsc#1051510).\n\n - xhci: Do not print a warning when setting link state for\n disabled ports (bsc#1051510).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1055120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1065600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1066674\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1067906\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1076830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1079524\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1083647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1084760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1084831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1091800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1094825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1100132\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1103356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1103543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104124\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104731\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1105025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1105428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1105536\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106237\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1108377\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109330\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109806\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109818\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109951\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1110006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111040\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111806\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111819\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111834\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111901\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111904\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111921\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111928\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111983\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112170\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112173\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112208\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112219\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112221\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112246\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112372\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112731\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112733\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112736\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112738\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112739\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112740\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112741\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112743\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112745\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112878\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112899\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112902\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112903\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112906\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113257\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113284\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113295\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113408\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113722\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113751\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113972\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-base-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-base-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-debugsource-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-devel-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-devel-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-base-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-base-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-debugsource-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-devel-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-devel-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-devel-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-docs-html-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-base-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-base-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-debugsource-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-devel-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-devel-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-macros-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-obs-build-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-obs-build-debugsource-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-obs-qa-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-source-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-source-vanilla-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-syms-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-base-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-debugsource-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-devel-4.12.14-lp150.12.25.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-devel-debuginfo-4.12.14-lp150.12.25.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-debug-base / kernel-debug-base-debuginfo / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:30:14", "description": "The openSUSE Leap 42.3 kernel was updated to 4.4.162 to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769).\n\n - CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).\n\n - CVE-2018-18690: A local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandled ATTR_REPLACE operations with conversion of an attr from short to long form (bnc#1105025).\n\n - CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).\n\n - CVE-2018-9516: A lack of certain checks in the hid_debug_events_read() function in the drivers/hid/hid-debug.c file might have resulted in receiving userspace buffer overflow and an out-of-bounds write or to the infinite loop. (bnc#1108498).\n\nThe following non-security bugs were fixed :\n\n - 6lowpan: iphc: reset mac_header after decompress to fix panic (bnc#1012382).\n\n - Add azure kernel description.\n\n - Add bug reference to patches.suse/x86-entry-64-use-a-per-cpu-trampoline-stack\n -fix1.patch\n\n - Add graphviz to buildreq for image conversion\n\n - Add reference to bsc#1104124 to patches.fixes/fs-aio-fix-the-increment-of-aio-nr-and-cou nting-agai.patch\n\n - ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge (bnc#1012382).\n\n - ALSA: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bnc#1012382).\n\n - apparmor: remove no-op permission check in policy_unpack (git-fixes).\n\n - ARC: build: Get rid of toolchain check (bnc#1012382).\n\n - ARC: clone syscall to setp r25 as thread pointer (bnc#1012382).\n\n - arch/hexagon: fix kernel/dma.c build warning (bnc#1012382).\n\n - arch-symbols: use bash as interpreter since the script uses bashism.\n\n - arm64: cpufeature: Track 32bit EL0 support (bnc#1012382).\n\n - arm64: jump_label.h: use asm_volatile_goto macro instead of 'asm goto' (bnc#1012382).\n\n - arm64: KVM: Sanitize PSTATE.M when being set from userspace (bnc#1012382).\n\n - arm64: KVM: Tighten guest core register access from userspace (bnc#1012382).\n\n - ARM: dts: at91: add new compatibility string for macb on sama5d3 (bnc#1012382).\n\n - ARM: dts: dra7: fix DCAN node addresses (bnc#1012382).\n\n - ARM: mvebu: declare asm symbols as character arrays in pmsu.c (bnc#1012382).\n\n - ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs (bnc#1012382).\n\n - ASoC: sigmadsp: safeload should not have lower byte limit (bnc#1012382).\n\n - ASoC: wm8804: Add ACPI support (bnc#1012382).\n\n - ath10k: fix scan crash due to incorrect length calculation (bnc#1012382).\n\n - ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bnc#1012382).\n\n - ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock (bnc#1012382).\n\n - Bluetooth: Add a new Realtek 8723DE ID 0bda:b009 (bnc#1012382).\n\n - bnxt_en: Fix TX timeout during netpoll (bnc#1012382).\n\n - bonding: avoid possible dead-lock (bnc#1012382).\n\n - bpf: fix cb access in socket filter programs on tail calls (bsc#1012382).\n\n - bpf: fix map not being uncharged during map creation failure (bsc#1012382).\n\n - bpf, s390: fix potential memleak when later bpf_jit_prog fails (git-fixes).\n\n - bpf, s390x: do not reload skb pointers in non-skb context (git-fixes).\n\n - bsc#1106913: Replace with upstream variants Delete patches.suse/11-x86-mm-only-set-ibpb-when-the-new-thread\n -cannot-ptrace-current-thread.patch.\n\n - bs-upload-kernel: do not set %opensuse_bs Since SLE15 it is not set in the distribution project so do not set it for kernel projects either.\n\n - btrfs: add a comp_refs() helper (dependency for bsc#1031392).\n\n - btrfs: add missing initialization in btrfs_check_shared (Git-fixes bsc#1112262).\n\n - btrfs: add tracepoints for outstanding extents mods (dependency for bsc#1031392).\n\n - btrfs: add wrapper for counting BTRFS_MAX_EXTENT_SIZE (dependency for bsc#1031392).\n\n - btrfs: cleanup extent locking sequence (dependency for bsc#1031392).\n\n - btrfs: defrag: use btrfs_mod_outstanding_extents in cluster_pages_for_defrag (Follow up fixes for bsc#1031392).\n\n - btrfs: delayed-inode: Remove wrong qgroup meta reservation calls (bsc#1031392).\n\n - btrfs: delayed-inode: Use new qgroup meta rsv for delayed inode and item (bsc#1031392).\n\n - btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667).\n\n - btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667).\n\n - btrfs: fix error handling in btrfs_dev_replace_start (bsc#1107535).\n\n - Btrfs: fix invalid attempt to free reserved space on failure to cow range (dependency for bsc#1031392).\n\n - btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).\n\n - btrfs: Fix race condition between delayed refs and blockgroup removal (Git-fixes bsc#1112263).\n\n - btrfs: Fix wrong btrfs_delalloc_release_extents parameter (bsc#1031392).\n\n - Btrfs: kill trans in run_delalloc_nocow and btrfs_cross_ref_exist (dependency for bsc#1031392).\n\n - btrfs: make the delalloc block rsv per inode (dependency for bsc#1031392).\n\n - Btrfs: pass delayed_refs directly to btrfs_find_delayed_ref_head (dependency for bsc#1031392).\n\n - btrfs: qgroup: Add quick exit for non-fs extents (dependency for bsc#1031392).\n\n - btrfs: qgroup: Cleanup btrfs_qgroup_prepare_account_extents function (dependency for bsc#1031392).\n\n - btrfs: qgroup: Cleanup the remaining old reservation counters (bsc#1031392).\n\n - btrfs: qgroup: Commit transaction in advance to reduce early EDQUOT (bsc#1031392).\n\n - btrfs: qgroup: Do not use root->qgroup_meta_rsv for qgroup (bsc#1031392).\n\n - btrfs: qgroup: Fix wrong qgroup reservation update for relationship modification (bsc#1031392).\n\n - btrfs: qgroup: Introduce function to convert META_PREALLOC into META_PERTRANS (bsc#1031392).\n\n - btrfs: qgroup: Introduce helpers to update and access new qgroup rsv (bsc#1031392).\n\n - btrfs: qgroup: Make qgroup_reserve and its callers to use separate reservation type (bsc#1031392).\n\n - btrfs: qgroup: Skeleton to support separate qgroup reservation type (bsc#1031392).\n\n - btrfs: qgroups: opencode qgroup_free helper (dependency for bsc#1031392).\n\n - btrfs: qgroup: Split meta rsv type into meta_prealloc and meta_pertrans (bsc#1031392).\n\n - btrfs: qgroup: Update trace events for metadata reservation (bsc#1031392).\n\n - btrfs: qgroup: Update trace events to use new separate rsv types (bsc#1031392).\n\n - btrfs: qgroup: Use independent and accurate per inode qgroup rsv (bsc#1031392).\n\n - btrfs: qgroup: Use root::qgroup_meta_rsv_* to record qgroup meta reserved space (bsc#1031392).\n\n - btrfs: qgroup: Use separate meta reservation type for delalloc (bsc#1031392).\n\n - btrfs: remove type argument from comp_tree_refs (dependency for bsc#1031392).\n\n - Btrfs: rework outstanding_extents (dependency for bsc#1031392).\n\n - btrfs: switch args for comp_*_refs (dependency for bsc#1031392).\n\n - btrfs: Take trans lock before access running trans in check_delayed_ref (Follow up fixes for bsc#1031392).\n\n - ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1112007).\n\n - cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bnc#1012382).\n\n - cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE (bnc#1012382).\n\n - cgroup: Fix deadlock in cpu hotplug path (bnc#1012382).\n\n - cgroup, netclassid: add a preemption point to write_classid (bnc#1098996).\n\n - CIFS: check for STATUS_USER_SESSION_DELETED (bsc#1112902).\n\n - cifs: connect to servername instead of IP for IPC$ share (bsc#1106359).\n\n - cifs: fix memory leak in SMB2_open() (bsc#1112894).\n\n - cifs: Fix use after free of a mid_q_entry (bsc#1112903).\n\n - cifs: read overflow in is_valid_oplock_break() (bnc#1012382).\n\n - clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bnc#1012382).\n\n - config.sh: set BUGZILLA_PRODUCT for SLE12-SP3\n\n - crypto: mxs-dcp - Fix wait logic on chan threads (bnc#1012382).\n\n - crypto: skcipher - Fix -Wstringop-truncation warnings (bnc#1012382).\n\n - Define dependencies of in-kernel KMPs statically This allows us to use rpm's internal dependency generator (bsc#981083).\n\n - dm cache: fix resize crash if user does not reload cache table (bnc#1012382).\n\n - dm thin metadata: fix __udivdi3 undefined on 32-bit (bnc#1012382).\n\n - dm thin metadata: try to avoid ever aborting transactions (bnc#1012382).\n\n - Do not ship firmware (bsc#1054239). Pull firmware from kernel-firmware instead.\n\n - drivers/tty: add error handling for pcmcia_loop_config (bnc#1012382).\n\n - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bnc#1012382).\n\n - drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bnc#1012382).\n\n - drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1106929)\n\n - Drop dtb-source.spec and move the sources to kernel-source (bsc#1011920)\n\n - Drop multiversion(kernel) from the KMP template ()\n\n - e1000: check on netif_running() before calling e1000_up() (bnc#1012382).\n\n - e1000: ensure to free old tx/rx rings in set_ringparam() (bnc#1012382).\n\n - ebtables: arpreply: Add the standard target sanity check (bnc#1012382).\n\n - EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114648).\n\n - Enable kernel-obs-(build,qa) also in the vanilla branches\n\n - ethtool: restore erroneously removed break in dev_ethtool (bsc#1114229).\n\n - fbdev: fix broken menu dependencies (bsc#1106929)\n\n - fbdev/omapfb: fix omapfb_memory_read infoleak (bnc#1012382).\n\n - Fix file list to remove REPORTING-BUGS\n\n - Fix html and pdf creation in Documetation/media/*\n\n - floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bnc#1012382).\n\n - fs/cifs: do not translate SFM_SLASH (U+F026) to backslash (bnc#1012382).\n\n - fs/cifs: suppress a string overflow warning (bnc#1012382).\n\n - gpio: adp5588: Fix sleep-in-atomic-context bug (bnc#1012382).\n\n - hexagon: modify ffs() and fls() to return int (bnc#1012382).\n\n - HID: hid-ntrig: add error handling for sysfs_create_group (bnc#1012382).\n\n - housekeeping: btrfs selftests: fold backport fix into backport patch\n\n - housekeeping: move btrfs patches to sorted section. No code changes.\n\n - hv: avoid crash in vmbus sysfs files (bnc#1108377).\n\n - hwmon: (adt7475) Make adt7475_read_word() return errors (bnc#1012382).\n\n - hwmon: (ina2xx) fix sysfs shunt resistor read access (bnc#1012382).\n\n - hwrng: core - document the quality field (git-fixes).\n\n - i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bnc#1012382).\n\n - i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus (bnc#1012382).\n\n - i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP (bnc#1012382).\n\n - i2c: uniphier: issue STOP only for last message or I2C_M_STOP (bnc#1012382).\n\n - IB/srp: Avoid that sg_reset -d $(srp_device) triggers an infinite loop (bnc#1012382).\n\n - Input: atakbd - fix Atari CapsLock behaviour (bnc#1012382).\n\n - Input: atakbd - fix Atari keymap (bnc#1012382).\n\n - Input: elantech - enable middle button of touchpad on ThinkPad P72 (bnc#1012382).\n\n - ip6_tunnel: be careful when accessing the inner header (bnc#1012382).\n\n - ip_tunnel: be careful when accessing the inner header (bnc#1012382).\n\n - ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() (bnc#1012382).\n\n - ixgbe: pci_set_drvdata must be called before register_netdev (Git-fixes bsc#1109923).\n\n - jffs2: return -ERANGE when xattr buffer is too small (bnc#1012382).\n\n - KVM: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bnc#1012382).\n\n - KVM: x86: remove eager_fpu field of struct kvm_vcpu_arch (bnc#1012382).\n\n - lib/test_hexdump.c: fix failure on big endian cpu (bsc#1106110).\n\n - mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bnc#1012382).\n\n - mac80211: fix a race between restart and CSA flows (bnc#1012382).\n\n - mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys (bnc#1012382).\n\n - mac80211: Fix station bandwidth setting after channel switch (bnc#1012382).\n\n - mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bnc#1012382).\n\n - mac80211: mesh: fix HWMP sequence numbering to follow standard (bnc#1012382).\n\n - mac80211: shorten the IBSS debug messages (bnc#1012382).\n\n - mach64: detect the dot clock divider correctly on sparc (bnc#1012382).\n\n - md-cluster: clear another node's suspend_area after the copy is finished (bnc#1012382).\n\n - media: af9035: prevent buffer overflow on write (bnc#1012382).\n\n - media: exynos4-is: Prevent NULL pointer dereference in\n __isp_video_try_fmt() (bnc#1012382).\n\n - media: fsl-viu: fix error handling in viu_of_probe() (bnc#1012382).\n\n - media: omap3isp: zero-initialize the isp cam_xclk(a,b) initial data (bnc#1012382).\n\n - media: omap_vout: Fix a possible NULL pointer dereference in omap_vout_open() (bsc#1050431).\n\n - media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power (bnc#1012382).\n\n - media: soc_camera: ov772x: correct setting of banding filter (bnc#1012382).\n\n - media: tm6000: add error handling for dvb_register_adapter (bnc#1012382).\n\n - media: uvcvideo: Support realtek's UVC 1.5 device (bnc#1012382).\n\n - media: v4l: event: Prevent freeing event subscriptions while accessed (bnc#1012382).\n\n - media: videobuf-dma-sg: Fix dma_(sync,unmap)_sg() calls (bsc#1050431).\n\n - memory_hotplug: cond_resched in __remove_pages (bnc#1114178).\n\n - mfd: omap-usb-host: Fix dts probe of children (bnc#1012382).\n\n - mm: madvise(MADV_DODUMP): allow hugetlbfs pages (bnc#1012382).\n\n - mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).\n\n - mm/vmstat.c: fix outdated vmstat_text (bnc#1012382).\n\n - mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly (bnc#1012382).\n\n - mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly (git fixes).\n\n - module: exclude SHN_UNDEF symbols from kallsyms api (bnc#1012382).\n\n - move changes without Git-commit out of sorted section\n\n - net: cadence: Fix a sleep-in-atomic-context bug in macb_halt_tx() (bnc#1012382).\n\n - net: hns: fix length and page_offset overflow when CONFIG_ARM64_64K_PAGES (bnc#1012382).\n\n - net: ipv4: update fnhe_pmtu when first hop's MTU changes (bnc#1012382).\n\n - net/ipv6: Display all addresses in output of /proc/net/if_inet6 (bnc#1012382).\n\n - netlabel: check for IPV4MASK in addrinfo_get (bnc#1012382).\n\n - net: macb: disable scatter-gather for macb on sama5d3 (bnc#1012382).\n\n - net/mlx4: Use cpumask_available for eq->affinity_mask (bnc#1012382).\n\n - net: mvpp2: Extract the correct ethtype from the skb for tx csum offload (bnc#1012382).\n\n - net: systemport: Fix wake-up interrupt race during resume (bnc#1012382).\n\n - net/usb: cancel pending work when unbinding smsc75xx (bnc#1012382).\n\n - NFS: add nostatflush mount option (bsc#1065726).\n\n - NFS: Avoid quadratic search when freeing delegations (bsc#1084760).\n\n - nfsd: fix corrupted reply to badly ordered compound (bnc#1012382).\n\n - ocfs2: fix locking for res->tracking and dlm->tracking_list (bnc#1012382).\n\n - of: unittest: Disable interrupt node tests for old world MAC systems (bnc#1012382).\n\n - ovl: Copy inode attributes after setting xattr (bsc#1107299).\n\n - Pass x86 as architecture on x86_64 and i386 (bsc#1093118).\n\n - PCI: hv: Use effective affinity mask (bsc#1109772).\n\n - PCI: Reprogram bridge prefetch registers on resume (bnc#1012382).\n\n - perf probe powerpc: Ignore SyS symbols irrespective of endianness (bnc#1012382).\n\n - perf script python: Fix export-to-postgresql.py occasional failure (bnc#1012382).\n\n - PM / core: Clear the direct_complete flag on errors (bnc#1012382).\n\n - powerpc/kdump: Handle crashkernel memory reservation failure (bnc#1012382).\n\n - powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784).\n\n - powerpc/perf/hv-24x7: Fix passing of catalog version number (bsc#1053043).\n\n - powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).\n\n - powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).\n\n - powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158).\n\n - powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158).\n\n - powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE (bsc#1109158).\n\n - powerpc/rtas: Fix a potential race between CPU-Offline & Migration (bsc#1111870).\n\n - power: vexpress: fix corruption in notifier registration (bnc#1012382).\n\n - proc: restrict kernel stack dumps to root (bnc#1012382).\n\n - qlcnic: fix Tx descriptor corruption on 82xx devices (bnc#1012382).\n\n - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bnc#1012382).\n\n - RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (bnc#1012382).\n\n - rculist: add list_for_each_entry_from_rcu() (bsc#1084760).\n\n - rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).\n\n - RDMA/ucma: check fd type in ucma_migrate_id() (bnc#1012382).\n\n - README: Clean-up trailing whitespace\n\n - reiserfs: add check to detect corrupted directory entry (bsc#1109818).\n\n - reiserfs: do not panic on bad directory entries (bsc#1109818).\n\n - resource: Include resource end in walk_*() interfaces (bsc#1114648).\n\n - Revert 'btrfs: qgroups: Retry after commit on getting EDQUOT' (bsc#1031392).\n\n - Revert 'drm: Do not pass negative delta to ktime_sub_ns()' (bsc#1106929)\n\n - Revert 'drm/i915: Initialize HWS page address after GPU reset' (bsc#1106929)\n\n - Revert 'KVM: x86: remove eager_fpu field of struct kvm_vcpu_arch' (kabi).\n\n - Revert 'media: v4l: event: Prevent freeing event subscriptions while accessed' (kabi).\n\n - Revert 'proc: restrict kernel stack dumps to root' (kabi).\n\n - Revert 'rpm/constraints.in: Lower default disk space requirement from 25G to 24G' This reverts commit 406abda1467c038842febffe264faae1fa2e3c1d. ok, did not wait long enough to see the failure.\n\n - Revert 'Skip intel_crt_init for Dell XPS 8700' (bsc#1106929)\n\n - Revert 'tcp: add tcp_ooo_try_coalesce() helper' (kabi).\n\n - Revert 'tcp: call tcp_drop() from tcp_data_queue_ofo()' (kabi).\n\n - Revert 'tcp: fix a stale ooo_last_skb after a replace' (kabi).\n\n - Revert 'tcp: free batches of packets in tcp_prune_ofo_queue()' (kabi).\n\n - Revert 'tcp: use an RB tree for ooo receive queue' (kabi).\n\n - Revert 'usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt()' (bnc#1012382).\n\n - Revert 'x86/fpu: Finish excising 'eagerfpu'' (kabi).\n\n - Revert 'x86/fpu: Remove struct fpu::counter' (kabi).\n\n - Revert 'x86/fpu: Remove use_eager_fpu()' (kabi).\n\n - rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication() (bnc#1012382).\n\n - rpm/apply-patches: Fix failure if there are no vanilla patches The grep command returns 1 if there are no patches and we are using pipefail.\n\n - rpm/constraints.in: build ARM on at least 2 cpus\n\n - rpm/constraints.in: Lower default disk space requirement from 25G to 24G 25G is rejected by the build service on ARM.\n\n - rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 (bnc#1012382).\n\n - s390/chsc: Add exception handler for CHSC instruction (git-fixes).\n\n - s390/extmem: fix gcc 8 stringop-overflow warning (bnc#1012382).\n\n - s390/kdump: Fix elfcorehdr size calculation (git-fixes).\n\n - s390/kdump: Make elfcorehdr size calculation ABI compliant (git-fixes).\n\n - s390/mm: correct allocate_pgste proc_handler callback (git-fixes).\n\n - s390/qeth: do not dump past end of unknown HW header (bnc#1012382).\n\n - s390/qeth: handle failure on workqueue creation (git-fixes).\n\n - s390: revert ELF_ET_DYN_BASE base changes (git-fixes).\n\n - s390/stacktrace: fix address ranges for asynchronous and panic stack (git-fixes).\n\n - scsi: bnx2i: add error handling for ioremap_nocache (bnc#1012382).\n\n - scsi: ibmvscsi: Improve strings handling (bnc#1012382).\n\n - scsi: klist: Make it safe to use klists in atomic context (bnc#1012382).\n\n - scsi: target/iscsi: Make iscsit_ta_authentication() respect the output buffer size (bnc#1012382).\n\n - selftests/efivarfs: add required kernel configs (bnc#1012382).\n\n - serial: cpm_uart: return immediately from console poll (bnc#1012382).\n\n - serial: imx: restore handshaking irq for imx1 (bnc#1012382).\n\n - signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).\n\n - slub: make ->cpu_partial unsigned int (bnc#1012382).\n\n - smb2: fix missing files in root share directory listing (bnc#1012382).\n\n - smb3: fill in statfs fsid and correct namelen (bsc#1112905).\n\n - sound: enable interrupt after dma buffer initialization (bnc#1012382).\n\n - spi: rspi: Fix interrupted DMA transfers (bnc#1012382).\n\n - spi: rspi: Fix invalid SPI use during system suspend (bnc#1012382).\n\n - spi: sh-msiof: Fix handling of write value for SISTR register (bnc#1012382).\n\n - spi: sh-msiof: Fix invalid SPI use during system suspend (bnc#1012382).\n\n - spi: tegra20-slink: explicitly enable/disable clock (bnc#1012382).\n\n - staging: android: ashmem: Fix mmap size validation (bnc#1012382).\n\n - staging: rts5208: fix missing error check on call to rtsx_write_register (bnc#1012382).\n\n - stmmac: fix valid numbers of unicast filter entries (bnc#1012382).\n\n - target: log Data-Out timeouts as errors (bsc#1095805).\n\n - target: log NOP ping timeouts as errors (bsc#1095805).\n\n - target: split out helper for cxn timeout error stashing (bsc#1095805).\n\n - target: stash sess_err_stats on Data-Out timeout (bsc#1095805).\n\n - target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).\n\n - tcp: add tcp_ooo_try_coalesce() helper (bnc#1012382).\n\n - tcp: call tcp_drop() from tcp_data_queue_ofo() (bnc#1012382).\n\n - tcp: fix a stale ooo_last_skb after a replace (bnc#1012382).\n\n - tcp: free batches of packets in tcp_prune_ofo_queue() (bnc#1012382).\n\n - tcp: increment sk_drops for dropped rx packets (bnc#1012382).\n\n - tcp: use an RB tree for ooo receive queue (bnc#1012382).\n\n - team: Forbid enslaving team device to itself (bnc#1012382).\n\n - thermal: of-thermal: disable passive polling when thermal zone is disabled (bnc#1012382).\n\n - tools/vm/page-types.c: fix 'defined but not used' warning (bnc#1012382).\n\n - tools/vm/slabinfo.c: fix sign-compare warning (bnc#1012382).\n\n - tpm: Restore functionality to xen vtpm driver (bsc#1020645, git-fixes).\n\n - tsl2550: fix lux1_input error in low light (bnc#1012382).\n\n - ubifs: Check for name being NULL while mounting (bnc#1012382).\n\n - ucma: fix a use-after-free in ucma_resolve_ip() (bnc#1012382).\n\n - USB: fix error handling in usb_driver_claim_interface() (bnc#1012382).\n\n - usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bnc#1012382).\n\n - usb: gadget: serial: fix oops when data rx'd after close (bnc#1012382).\n\n - USB: handle NULL config in usb_find_alt_setting() (bnc#1012382).\n\n - USB: remove LPM management from usb_driver_claim_interface() (bnc#1012382).\n\n - USB: serial: kobil_sct: fix modem-status error handling (bnc#1012382).\n\n - USB: serial: simple: add Motorola Tetra MTP6550 id (bnc#1012382).\n\n - USB: usbdevfs: restore warning for nonsensical flags (bnc#1012382).\n\n - USB: usbdevfs: sanitize flags more (bnc#1012382).\n\n - usb: wusbcore: security: cast sizeof to int for comparison (bnc#1012382).\n\n - USB: yurex: Check for truncation in yurex_read() (bnc#1012382).\n\n - Use make --output-sync feature when available (bsc#1012422). The mesages in make output can interleave making it impossible to extract warnings reliably. Since version 4 GNU Make supports --output-sync flag that prints output of each sub-command atomically preventing this issue. Detect the flag and use it if available.\n SLE11 has make 3.81 so it is required to include make 4 in the kernel OBS projects to take advantege of this.\n\n - Use upstream version of pci-hyperv change 35a88a18d7\n\n - uwb: hwa-rc: fix memory leak at probe (bnc#1012382).\n\n - vmci: type promotion bug in qp_host_get_user_memory() (bnc#1012382).\n\n - wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout() (bnc#1012382).\n\n - wlcore: Fix memory leak in wlcore_cmd_wait_for_event_or_timeout (git-fixes).\n\n - x86/cpufeature: deduplicate X86_FEATURE_L1TF_PTEINV (kabi).\n\n - x86/entry/64: Add two more instruction suffixes (bnc#1012382).\n\n - x86/entry/64: Clear registers for exceptions/interrupts, to reduce speculation attack surface (bsc#1105931).\n\n - x86/entry/64: sanitize extra registers on syscall entry (bsc#1105931).\n\n - x86/fpu: Finish excising 'eagerfpu' (bnc#1012382).\n\n - x86/fpu: Remove second definition of fpu in\n __fpu__restore_sig() (bsc#1110006).\n\n - x86/fpu: Remove struct fpu::counter (bnc#1012382).\n\n - x86/fpu: Remove use_eager_fpu() (bnc#1012382).\n\n - x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772).\n\n - x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114648).\n\n - x86/numa_emulation: Fix emulated-to-physical node mapping (bnc#1012382).\n\n - x86/paravirt: Fix some warning messages (bnc#1065600).\n\n - x86/percpu: Fix this_cpu_read() (bsc#1110006).\n\n - x86,sched: Allow topologies where NUMA nodes share an LLC (bsc#1091158, bsc#1101555).\n\n - x86/spec_ctrl: Fix spec_ctrl reporting (bsc#1106913, bsc#1111516).\n\n - x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913).\n\n - x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913).\n\n - x86/speculation: Propagate information about RSB filling mitigation to sysfs (bsc#1106913).\n\n - x86/time: Correct the attribute on jiffies' definition (bsc#1110006).\n\n - x86/tsc: Add missing header to tsc_msr.c (bnc#1012382).\n\n - xen: avoid crash in disable_hotplug_cpu (bnc#1012382 bsc#1106594 bsc#1042422).\n\n - xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage (bnc#1012382).\n\n - xen/manage: do not complain about an empty value in control/sysrq node (bnc#1012382).\n\n - xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bnc#1012382).\n\n - xhci: Do not print a warning when setting link state for disabled ports (bnc#1012382).\n\n - rpm/kernel-binary.spec.in: Add missing export BRP_SIGN_FILES (bsc#1115587) The export line was accidentally dropped at merging scripts branch, which resulted in the invalid module signature.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-11-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2018-1427)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10940", "CVE-2018-16658", "CVE-2018-18281", "CVE-2018-18386", "CVE-2018-18690", "CVE-2018-18710", "CVE-2018-9516"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-docs-pdf", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2018-1427.NASL", "href": "https://www.tenable.com/plugins/nessus/119077", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1427.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119077);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-10940\", \"CVE-2018-16658\", \"CVE-2018-18281\", \"CVE-2018-18386\", \"CVE-2018-18690\", \"CVE-2018-18710\", \"CVE-2018-9516\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2018-1427)\");\n script_summary(english:\"Check for the openSUSE-2018-1427 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE Leap 42.3 kernel was updated to 4.4.162 to receive\nvarious security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2018-18281: The mremap() syscall performs TLB\n flushes after dropping pagetable locks. If a syscall\n such as ftruncate() removes entries from the pagetables\n of a task that is in the middle of mremap(), a stale TLB\n entry can remain for a short time that permits access to\n a physical page after it has been released back to the\n page allocator and reused. (bnc#1113769).\n\n - CVE-2018-18710: An information leak in\n cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could\n be used by local attackers to read kernel memory because\n a cast from unsigned long to int interferes with bounds\n checking. This is similar to CVE-2018-10940 and\n CVE-2018-16658 (bnc#1113751).\n\n - CVE-2018-18690: A local attacker able to set attributes\n on an xfs filesystem could make this filesystem\n non-operational until the next mount by triggering an\n unchecked error condition during an xfs attribute\n change, because xfs_attr_shortform_addname in\n fs/xfs/libxfs/xfs_attr.c mishandled ATTR_REPLACE\n operations with conversion of an attr from short to long\n form (bnc#1105025).\n\n - CVE-2018-18386: drivers/tty/n_tty.c allowed local\n attackers (who are able to access pseudo terminals) to\n hang/block further usage of any pseudo terminal devices\n due to an EXTPROC versus ICANON confusion in TIOCINQ\n (bnc#1094825).\n\n - CVE-2018-9516: A lack of certain checks in the\n hid_debug_events_read() function in the\n drivers/hid/hid-debug.c file might have resulted in\n receiving userspace buffer overflow and an out-of-bounds\n write or to the infinite loop. (bnc#1108498).\n\nThe following non-security bugs were fixed :\n\n - 6lowpan: iphc: reset mac_header after decompress to fix\n panic (bnc#1012382).\n\n - Add azure kernel description.\n\n - Add bug reference to\n patches.suse/x86-entry-64-use-a-per-cpu-trampoline-stack\n -fix1.patch\n\n - Add graphviz to buildreq for image conversion\n\n - Add reference to bsc#1104124 to\n patches.fixes/fs-aio-fix-the-increment-of-aio-nr-and-cou\n nting-agai.patch\n\n - ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge\n (bnc#1012382).\n\n - ALSA: hda/realtek - Cannot adjust speaker's volume on\n Dell XPS 27 7760 (bnc#1012382).\n\n - apparmor: remove no-op permission check in policy_unpack\n (git-fixes).\n\n - ARC: build: Get rid of toolchain check (bnc#1012382).\n\n - ARC: clone syscall to setp r25 as thread pointer\n (bnc#1012382).\n\n - arch/hexagon: fix kernel/dma.c build warning\n (bnc#1012382).\n\n - arch-symbols: use bash as interpreter since the script\n uses bashism.\n\n - arm64: cpufeature: Track 32bit EL0 support\n (bnc#1012382).\n\n - arm64: jump_label.h: use asm_volatile_goto macro instead\n of 'asm goto' (bnc#1012382).\n\n - arm64: KVM: Sanitize PSTATE.M when being set from\n userspace (bnc#1012382).\n\n - arm64: KVM: Tighten guest core register access from\n userspace (bnc#1012382).\n\n - ARM: dts: at91: add new compatibility string for macb on\n sama5d3 (bnc#1012382).\n\n - ARM: dts: dra7: fix DCAN node addresses (bnc#1012382).\n\n - ARM: mvebu: declare asm symbols as character arrays in\n pmsu.c (bnc#1012382).\n\n - ASoC: dapm: Fix potential DAI widget pointer deref when\n linking DAIs (bnc#1012382).\n\n - ASoC: sigmadsp: safeload should not have lower byte\n limit (bnc#1012382).\n\n - ASoC: wm8804: Add ACPI support (bnc#1012382).\n\n - ath10k: fix scan crash due to incorrect length\n calculation (bnc#1012382).\n\n - ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait\n (bnc#1012382).\n\n - ath10k: protect ath10k_htt_rx_ring_free with\n rx_ring.lock (bnc#1012382).\n\n - Bluetooth: Add a new Realtek 8723DE ID 0bda:b009\n (bnc#1012382).\n\n - bnxt_en: Fix TX timeout during netpoll (bnc#1012382).\n\n - bonding: avoid possible dead-lock (bnc#1012382).\n\n - bpf: fix cb access in socket filter programs on tail\n calls (bsc#1012382).\n\n - bpf: fix map not being uncharged during map creation\n failure (bsc#1012382).\n\n - bpf, s390: fix potential memleak when later bpf_jit_prog\n fails (git-fixes).\n\n - bpf, s390x: do not reload skb pointers in non-skb\n context (git-fixes).\n\n - bsc#1106913: Replace with upstream variants Delete\n patches.suse/11-x86-mm-only-set-ibpb-when-the-new-thread\n -cannot-ptrace-current-thread.patch.\n\n - bs-upload-kernel: do not set %opensuse_bs Since SLE15 it\n is not set in the distribution project so do not set it\n for kernel projects either.\n\n - btrfs: add a comp_refs() helper (dependency for\n bsc#1031392).\n\n - btrfs: add missing initialization in btrfs_check_shared\n (Git-fixes bsc#1112262).\n\n - btrfs: add tracepoints for outstanding extents mods\n (dependency for bsc#1031392).\n\n - btrfs: add wrapper for counting BTRFS_MAX_EXTENT_SIZE\n (dependency for bsc#1031392).\n\n - btrfs: cleanup extent locking sequence (dependency for\n bsc#1031392).\n\n - btrfs: defrag: use btrfs_mod_outstanding_extents in\n cluster_pages_for_defrag (Follow up fixes for\n bsc#1031392).\n\n - btrfs: delayed-inode: Remove wrong qgroup meta\n reservation calls (bsc#1031392).\n\n - btrfs: delayed-inode: Use new qgroup meta rsv for\n delayed inode and item (bsc#1031392).\n\n - btrfs: Enhance btrfs_trim_fs function to handle error\n better (Dependency for bsc#1113667).\n\n - btrfs: Ensure btrfs_trim_fs can trim the whole\n filesystem (bsc#1113667).\n\n - btrfs: fix error handling in btrfs_dev_replace_start\n (bsc#1107535).\n\n - Btrfs: fix invalid attempt to free reserved space on\n failure to cow range (dependency for bsc#1031392).\n\n - btrfs: fix missing error return in btrfs_drop_snapshot\n (Git-fixes bsc#1109919).\n\n - btrfs: Fix race condition between delayed refs and\n blockgroup removal (Git-fixes bsc#1112263).\n\n - btrfs: Fix wrong btrfs_delalloc_release_extents\n parameter (bsc#1031392).\n\n - Btrfs: kill trans in run_delalloc_nocow and\n btrfs_cross_ref_exist (dependency for bsc#1031392).\n\n - btrfs: make the delalloc block rsv per inode (dependency\n for bsc#1031392).\n\n - Btrfs: pass delayed_refs directly to\n btrfs_find_delayed_ref_head (dependency for\n bsc#1031392).\n\n - btrfs: qgroup: Add quick exit for non-fs extents\n (dependency for bsc#1031392).\n\n - btrfs: qgroup: Cleanup\n btrfs_qgroup_prepare_account_extents function\n (dependency for bsc#1031392).\n\n - btrfs: qgroup: Cleanup the remaining old reservation\n counters (bsc#1031392).\n\n - btrfs: qgroup: Commit transaction in advance to reduce\n early EDQUOT (bsc#1031392).\n\n - btrfs: qgroup: Do not use root->qgroup_meta_rsv for\n qgroup (bsc#1031392).\n\n - btrfs: qgroup: Fix wrong qgroup reservation update for\n relationship modification (bsc#1031392).\n\n - btrfs: qgroup: Introduce function to convert\n META_PREALLOC into META_PERTRANS (bsc#1031392).\n\n - btrfs: qgroup: Introduce helpers to update and access\n new qgroup rsv (bsc#1031392).\n\n - btrfs: qgroup: Make qgroup_reserve and its callers to\n use separate reservation type (bsc#1031392).\n\n - btrfs: qgroup: Skeleton to support separate qgroup\n reservation type (bsc#1031392).\n\n - btrfs: qgroups: opencode qgroup_free helper (dependency\n for bsc#1031392).\n\n - btrfs: qgroup: Split meta rsv type into meta_prealloc\n and meta_pertrans (bsc#1031392).\n\n - btrfs: qgroup: Update trace events for metadata\n reservation (bsc#1031392).\n\n - btrfs: qgroup: Update trace events to use new separate\n rsv types (bsc#1031392).\n\n - btrfs: qgroup: Use independent and accurate per inode\n qgroup rsv (bsc#1031392).\n\n - btrfs: qgroup: Use root::qgroup_meta_rsv_* to record\n qgroup meta reserved space (bsc#1031392).\n\n - btrfs: qgroup: Use separate meta reservation type for\n delalloc (bsc#1031392).\n\n - btrfs: remove type argument from comp_tree_refs\n (dependency for bsc#1031392).\n\n - Btrfs: rework outstanding_extents (dependency for\n bsc#1031392).\n\n - btrfs: switch args for comp_*_refs (dependency for\n bsc#1031392).\n\n - btrfs: Take trans lock before access running trans in\n check_delayed_ref (Follow up fixes for bsc#1031392).\n\n - ceph: avoid a use-after-free in ceph_destroy_options()\n (bsc#1112007).\n\n - cfg80211: fix a type issue in\n ieee80211_chandef_to_operating_class() (bnc#1012382).\n\n - cfg80211: nl80211_update_ft_ies() to validate\n NL80211_ATTR_IE (bnc#1012382).\n\n - cgroup: Fix deadlock in cpu hotplug path (bnc#1012382).\n\n - cgroup, netclassid: add a preemption point to\n write_classid (bnc#1098996).\n\n - CIFS: check for STATUS_USER_SESSION_DELETED\n (bsc#1112902).\n\n - cifs: connect to servername instead of IP for IPC$ share\n (bsc#1106359).\n\n - cifs: fix memory leak in SMB2_open() (bsc#1112894).\n\n - cifs: Fix use after free of a mid_q_entry (bsc#1112903).\n\n - cifs: read overflow in is_valid_oplock_break()\n (bnc#1012382).\n\n - clocksource/drivers/ti-32k: Add\n CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs\n (bnc#1012382).\n\n - config.sh: set BUGZILLA_PRODUCT for SLE12-SP3\n\n - crypto: mxs-dcp - Fix wait logic on chan threads\n (bnc#1012382).\n\n - crypto: skcipher - Fix -Wstringop-truncation warnings\n (bnc#1012382).\n\n - Define dependencies of in-kernel KMPs statically This\n allows us to use rpm's internal dependency generator\n (bsc#981083).\n\n - dm cache: fix resize crash if user does not reload cache\n table (bnc#1012382).\n\n - dm thin metadata: fix __udivdi3 undefined on 32-bit\n (bnc#1012382).\n\n - dm thin metadata: try to avoid ever aborting\n transactions (bnc#1012382).\n\n - Do not ship firmware (bsc#1054239). Pull firmware from\n kernel-firmware instead.\n\n - drivers/tty: add error handling for pcmcia_loop_config\n (bnc#1012382).\n\n - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7\n (bnc#1012382).\n\n - drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is\n missing from VBIOS (bnc#1012382).\n\n - drm/virtio: fix bounds check in\n virtio_gpu_cmd_get_capset() (bsc#1106929)\n\n - Drop dtb-source.spec and move the sources to\n kernel-source (bsc#1011920)\n\n - Drop multiversion(kernel) from the KMP template ()\n\n - e1000: check on netif_running() before calling\n e1000_up() (bnc#1012382).\n\n - e1000: ensure to free old tx/rx rings in set_ringparam()\n (bnc#1012382).\n\n - ebtables: arpreply: Add the standard target sanity check\n (bnc#1012382).\n\n - EDAC, thunderx: Fix memory leak in\n thunderx_l2c_threaded_isr() (bsc#1114648).\n\n - Enable kernel-obs-(build,qa) also in the vanilla\n branches\n\n - ethtool: restore erroneously removed break in\n dev_ethtool (bsc#1114229).\n\n - fbdev: fix broken menu dependencies (bsc#1106929)\n\n - fbdev/omapfb: fix omapfb_memory_read infoleak\n (bnc#1012382).\n\n - Fix file list to remove REPORTING-BUGS\n\n - Fix html and pdf creation in Documetation/media/*\n\n - floppy: Do not copy a kernel pointer to user memory in\n FDGETPRM ioctl (bnc#1012382).\n\n - fs/cifs: do not translate SFM_SLASH (U+F026) to\n backslash (bnc#1012382).\n\n - fs/cifs: suppress a string overflow warning\n (bnc#1012382).\n\n - gpio: adp5588: Fix sleep-in-atomic-context bug\n (bnc#1012382).\n\n - hexagon: modify ffs() and fls() to return int\n (bnc#1012382).\n\n - HID: hid-ntrig: add error handling for\n sysfs_create_group (bnc#1012382).\n\n - housekeeping: btrfs selftests: fold backport fix into\n backport patch\n\n - housekeeping: move btrfs patches to sorted section. No\n code changes.\n\n - hv: avoid crash in vmbus sysfs files (bnc#1108377).\n\n - hwmon: (adt7475) Make adt7475_read_word() return errors\n (bnc#1012382).\n\n - hwmon: (ina2xx) fix sysfs shunt resistor read access\n (bnc#1012382).\n\n - hwrng: core - document the quality field (git-fixes).\n\n - i2c: i2c-scmi: fix for i2c_smbus_write_block_data\n (bnc#1012382).\n\n - i2c: i801: Allow ACPI AML access I/O ports not reserved\n for SMBus (bnc#1012382).\n\n - i2c: uniphier-f: issue STOP only for last message or\n I2C_M_STOP (bnc#1012382).\n\n - i2c: uniphier: issue STOP only for last message or\n I2C_M_STOP (bnc#1012382).\n\n - IB/srp: Avoid that sg_reset -d $(srp_device) triggers an\n infinite loop (bnc#1012382).\n\n - Input: atakbd - fix Atari CapsLock behaviour\n (bnc#1012382).\n\n - Input: atakbd - fix Atari keymap (bnc#1012382).\n\n - Input: elantech - enable middle button of touchpad on\n ThinkPad P72 (bnc#1012382).\n\n - ip6_tunnel: be careful when accessing the inner header\n (bnc#1012382).\n\n - ip_tunnel: be careful when accessing the inner header\n (bnc#1012382).\n\n - ipv4: fix use-after-free in ip_cmsg_recv_dstaddr()\n (bnc#1012382).\n\n - ixgbe: pci_set_drvdata must be called before\n register_netdev (Git-fixes bsc#1109923).\n\n - jffs2: return -ERANGE when xattr buffer is too small\n (bnc#1012382).\n\n - KVM: PPC: Book3S HV: Do not truncate HPTE index in xlate\n function (bnc#1012382).\n\n - KVM: x86: remove eager_fpu field of struct kvm_vcpu_arch\n (bnc#1012382).\n\n - lib/test_hexdump.c: fix failure on big endian cpu\n (bsc#1106110).\n\n - mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X\n (bnc#1012382).\n\n - mac80211: fix a race between restart and CSA flows\n (bnc#1012382).\n\n - mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP\n mode keys (bnc#1012382).\n\n - mac80211: Fix station bandwidth setting after channel\n switch (bnc#1012382).\n\n - mac80211_hwsim: correct use of\n IEEE80211_VHT_CAP_RXSTBC_X (bnc#1012382).\n\n - mac80211: mesh: fix HWMP sequence numbering to follow\n standard (bnc#1012382).\n\n - mac80211: shorten the IBSS debug messages (bnc#1012382).\n\n - mach64: detect the dot clock divider correctly on sparc\n (bnc#1012382).\n\n - md-cluster: clear another node's suspend_area after the\n copy is finished (bnc#1012382).\n\n - media: af9035: prevent buffer overflow on write\n (bnc#1012382).\n\n - media: exynos4-is: Prevent NULL pointer dereference in\n __isp_video_try_fmt() (bnc#1012382).\n\n - media: fsl-viu: fix error handling in viu_of_probe()\n (bnc#1012382).\n\n - media: omap3isp: zero-initialize the isp cam_xclk(a,b)\n initial data (bnc#1012382).\n\n - media: omap_vout: Fix a possible NULL pointer\n dereference in omap_vout_open() (bsc#1050431).\n\n - media: s3c-camif: ignore -ENOIOCTLCMD from\n v4l2_subdev_call for s_power (bnc#1012382).\n\n - media: soc_camera: ov772x: correct setting of banding\n filter (bnc#1012382).\n\n - media: tm6000: add error handling for\n dvb_register_adapter (bnc#1012382).\n\n - media: uvcvideo: Support realtek's UVC 1.5 device\n (bnc#1012382).\n\n - media: v4l: event: Prevent freeing event subscriptions\n while accessed (bnc#1012382).\n\n - media: videobuf-dma-sg: Fix dma_(sync,unmap)_sg() calls\n (bsc#1050431).\n\n - memory_hotplug: cond_resched in __remove_pages\n (bnc#1114178).\n\n - mfd: omap-usb-host: Fix dts probe of children\n (bnc#1012382).\n\n - mm: madvise(MADV_DODUMP): allow hugetlbfs pages\n (bnc#1012382).\n\n - mm: /proc/pid/pagemap: hide swap entries from\n unprivileged users (Git-fixes bsc#1109907).\n\n - mm/vmstat.c: fix outdated vmstat_text (bnc#1012382).\n\n - mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly\n (bnc#1012382).\n\n - mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly (git\n fixes).\n\n - module: exclude SHN_UNDEF symbols from kallsyms api\n (bnc#1012382).\n\n - move changes without Git-commit out of sorted section\n\n - net: cadence: Fix a sleep-in-atomic-context bug in\n macb_halt_tx() (bnc#1012382).\n\n - net: hns: fix length and page_offset overflow when\n CONFIG_ARM64_64K_PAGES (bnc#1012382).\n\n - net: ipv4: update fnhe_pmtu when first hop's MTU changes\n (bnc#1012382).\n\n - net/ipv6: Display all addresses in output of\n /proc/net/if_inet6 (bnc#1012382).\n\n - netlabel: check for IPV4MASK in addrinfo_get\n (bnc#1012382).\n\n - net: macb: disable scatter-gather for macb on sama5d3\n (bnc#1012382).\n\n - net/mlx4: Use cpumask_available for eq->affinity_mask\n (bnc#1012382).\n\n - net: mvpp2: Extract the correct ethtype from the skb for\n tx csum offload (bnc#1012382).\n\n - net: systemport: Fix wake-up interrupt race during\n resume (bnc#1012382).\n\n - net/usb: cancel pending work when unbinding smsc75xx\n (bnc#1012382).\n\n - NFS: add nostatflush mount option (bsc#1065726).\n\n - NFS: Avoid quadratic search when freeing delegations\n (bsc#1084760).\n\n - nfsd: fix corrupted reply to badly ordered compound\n (bnc#1012382).\n\n - ocfs2: fix locking for res->tracking and\n dlm->tracking_list (bnc#1012382).\n\n - of: unittest: Disable interrupt node tests for old world\n MAC systems (bnc#1012382).\n\n - ovl: Copy inode attributes after setting xattr\n (bsc#1107299).\n\n - Pass x86 as architecture on x86_64 and i386\n (bsc#1093118).\n\n - PCI: hv: Use effective affinity mask (bsc#1109772).\n\n - PCI: Reprogram bridge prefetch registers on resume\n (bnc#1012382).\n\n - perf probe powerpc: Ignore SyS symbols irrespective of\n endianness (bnc#1012382).\n\n - perf script python: Fix export-to-postgresql.py\n occasional failure (bnc#1012382).\n\n - PM / core: Clear the direct_complete flag on errors\n (bnc#1012382).\n\n - powerpc/kdump: Handle crashkernel memory reservation\n failure (bnc#1012382).\n\n - powerpc/numa: Skip onlining a offline node in kdump path\n (bsc#1109784).\n\n - powerpc/perf/hv-24x7: Fix passing of catalog version\n number (bsc#1053043).\n\n - powerpc/pseries: Fix build break for SPLPAR=n and CPU\n hotplug (bsc#1079524, git-fixes).\n\n - powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906,\n git-fixes).\n\n - powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158).\n\n - powerpc/pseries/mm: factorize PTE slot computation\n (bsc#1109158).\n\n - powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE\n (bsc#1109158).\n\n - powerpc/rtas: Fix a potential race between CPU-Offline &\n Migration (bsc#1111870).\n\n - power: vexpress: fix corruption in notifier registration\n (bnc#1012382).\n\n - proc: restrict kernel stack dumps to root (bnc#1012382).\n\n - qlcnic: fix Tx descriptor corruption on 82xx devices\n (bnc#1012382).\n\n - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing\n RTL_FLAG_TASK_ENABLED (bnc#1012382).\n\n - RAID10 BUG_ON in raise_barrier when force is true and\n conf->barrier is 0 (bnc#1012382).\n\n - rculist: add list_for_each_entry_from_rcu()\n (bsc#1084760).\n\n - rculist: Improve documentation for\n list_for_each_entry_from_rcu() (bsc#1084760).\n\n - RDMA/ucma: check fd type in ucma_migrate_id()\n (bnc#1012382).\n\n - README: Clean-up trailing whitespace\n\n - reiserfs: add check to detect corrupted directory entry\n (bsc#1109818).\n\n - reiserfs: do not panic on bad directory entries\n (bsc#1109818).\n\n - resource: Include resource end in walk_*() interfaces\n (bsc#1114648).\n\n - Revert 'btrfs: qgroups: Retry after commit on getting\n EDQUOT' (bsc#1031392).\n\n - Revert 'drm: Do not pass negative delta to\n ktime_sub_ns()' (bsc#1106929)\n\n - Revert 'drm/i915: Initialize HWS page address after GPU\n reset' (bsc#1106929)\n\n - Revert 'KVM: x86: remove eager_fpu field of struct\n kvm_vcpu_arch' (kabi).\n\n - Revert 'media: v4l: event: Prevent freeing event\n subscriptions while accessed' (kabi).\n\n - Revert 'proc: restrict kernel stack dumps to root'\n (kabi).\n\n - Revert 'rpm/constraints.in: Lower default disk space\n requirement from 25G to 24G' This reverts commit\n 406abda1467c038842febffe264faae1fa2e3c1d. ok, did not\n wait long enough to see the failure.\n\n - Revert 'Skip intel_crt_init for Dell XPS 8700'\n (bsc#1106929)\n\n - Revert 'tcp: add tcp_ooo_try_coalesce() helper' (kabi).\n\n - Revert 'tcp: call tcp_drop() from tcp_data_queue_ofo()'\n (kabi).\n\n - Revert 'tcp: fix a stale ooo_last_skb after a replace'\n (kabi).\n\n - Revert 'tcp: free batches of packets in\n tcp_prune_ofo_queue()' (kabi).\n\n - Revert 'tcp: use an RB tree for ooo receive queue'\n (kabi).\n\n - Revert 'usb: cdc-wdm: Fix a sleep-in-atomic-context bug\n in service_outstanding_interrupt()' (bnc#1012382).\n\n - Revert 'x86/fpu: Finish excising 'eagerfpu'' (kabi).\n\n - Revert 'x86/fpu: Remove struct fpu::counter' (kabi).\n\n - Revert 'x86/fpu: Remove use_eager_fpu()' (kabi).\n\n - rndis_wlan: potential buffer overflow in\n rndis_wlan_auth_indication() (bnc#1012382).\n\n - rpm/apply-patches: Fix failure if there are no vanilla\n patches The grep command returns 1 if there are no\n patches and we are using pipefail.\n\n - rpm/constraints.in: build ARM on at least 2 cpus\n\n - rpm/constraints.in: Lower default disk space requirement\n from 25G to 24G 25G is rejected by the build service on\n ARM.\n\n - rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to\n 4096 (bnc#1012382).\n\n - s390/chsc: Add exception handler for CHSC instruction\n (git-fixes).\n\n - s390/extmem: fix gcc 8 stringop-overflow warning\n (bnc#1012382).\n\n - s390/kdump: Fix elfcorehdr size calculation (git-fixes).\n\n - s390/kdump: Make elfcorehdr size calculation ABI\n compliant (git-fixes).\n\n - s390/mm: correct allocate_pgste proc_handler callback\n (git-fixes).\n\n - s390/qeth: do not dump past end of unknown HW header\n (bnc#1012382).\n\n - s390/qeth: handle failure on workqueue creation\n (git-fixes).\n\n - s390: revert ELF_ET_DYN_BASE base changes (git-fixes).\n\n - s390/stacktrace: fix address ranges for asynchronous and\n panic stack (git-fixes).\n\n - scsi: bnx2i: add error handling for ioremap_nocache\n (bnc#1012382).\n\n - scsi: ibmvscsi: Improve strings handling (bnc#1012382).\n\n - scsi: klist: Make it safe to use klists in atomic\n context (bnc#1012382).\n\n - scsi: target/iscsi: Make iscsit_ta_authentication()\n respect the output buffer size (bnc#1012382).\n\n - selftests/efivarfs: add required kernel configs\n (bnc#1012382).\n\n - serial: cpm_uart: return immediately from console poll\n (bnc#1012382).\n\n - serial: imx: restore handshaking irq for imx1\n (bnc#1012382).\n\n - signal: Properly deliver SIGSEGV from x86 uprobes\n (bsc#1110006).\n\n - slub: make ->cpu_partial unsigned int (bnc#1012382).\n\n - smb2: fix missing files in root share directory listing\n (bnc#1012382).\n\n - smb3: fill in statfs fsid and correct namelen\n (bsc#1112905).\n\n - sound: enable interrupt after dma buffer initialization\n (bnc#1012382).\n\n - spi: rspi: Fix interrupted DMA transfers (bnc#1012382).\n\n - spi: rspi: Fix invalid SPI use during system suspend\n (bnc#1012382).\n\n - spi: sh-msiof: Fix handling of write value for SISTR\n register (bnc#1012382).\n\n - spi: sh-msiof: Fix invalid SPI use during system suspend\n (bnc#1012382).\n\n - spi: tegra20-slink: explicitly enable/disable clock\n (bnc#1012382).\n\n - staging: android: ashmem: Fix mmap size validation\n (bnc#1012382).\n\n - staging: rts5208: fix missing error check on call to\n rtsx_write_register (bnc#1012382).\n\n - stmmac: fix valid numbers of unicast filter entries\n (bnc#1012382).\n\n - target: log Data-Out timeouts as errors (bsc#1095805).\n\n - target: log NOP ping timeouts as errors (bsc#1095805).\n\n - target: split out helper for cxn timeout error stashing\n (bsc#1095805).\n\n - target: stash sess_err_stats on Data-Out timeout\n (bsc#1095805).\n\n - target: use ISCSI_IQN_LEN in iscsi_target_stat\n (bsc#1095805).\n\n - tcp: add tcp_ooo_try_coalesce() helper (bnc#1012382).\n\n - tcp: call tcp_drop() from tcp_data_queue_ofo()\n (bnc#1012382).\n\n - tcp: fix a stale ooo_last_skb after a replace\n (bnc#1012382).\n\n - tcp: free batches of packets in tcp_prune_ofo_queue()\n (bnc#1012382).\n\n - tcp: increment sk_drops for dropped rx packets\n (bnc#1012382).\n\n - tcp: use an RB tree for ooo receive queue (bnc#1012382).\n\n - team: Forbid enslaving team device to itself\n (bnc#1012382).\n\n - thermal: of-thermal: disable passive polling when\n thermal zone is disabled (bnc#1012382).\n\n - tools/vm/page-types.c: fix 'defined but not used'\n warning (bnc#1012382).\n\n - tools/vm/slabinfo.c: fix sign-compare warning\n (bnc#1012382).\n\n - tpm: Restore functionality to xen vtpm driver\n (bsc#1020645, git-fixes).\n\n - tsl2550: fix lux1_input error in low light\n (bnc#1012382).\n\n - ubifs: Check for name being NULL while mounting\n (bnc#1012382).\n\n - ucma: fix a use-after-free in ucma_resolve_ip()\n (bnc#1012382).\n\n - USB: fix error handling in usb_driver_claim_interface()\n (bnc#1012382).\n\n - usb: gadget: fotg210-udc: Fix memory leak of\n fotg210->ep[i] (bnc#1012382).\n\n - usb: gadget: serial: fix oops when data rx'd after close\n (bnc#1012382).\n\n - USB: handle NULL config in usb_find_alt_setting()\n (bnc#1012382).\n\n - USB: remove LPM management from\n usb_driver_claim_interface() (bnc#1012382).\n\n - USB: serial: kobil_sct: fix modem-status error handling\n (bnc#1012382).\n\n - USB: serial: simple: add Motorola Tetra MTP6550 id\n (bnc#1012382).\n\n - USB: usbdevfs: restore warning for nonsensical flags\n (bnc#1012382).\n\n - USB: usbdevfs: sanitize flags more (bnc#1012382).\n\n - usb: wusbcore: security: cast sizeof to int for\n comparison (bnc#1012382).\n\n - USB: yurex: Check for truncation in yurex_read()\n (bnc#1012382).\n\n - Use make --output-sync feature when available\n (bsc#1012422). The mesages in make output can interleave\n making it impossible to extract warnings reliably. Since\n version 4 GNU Make supports --output-sync flag that\n prints output of each sub-command atomically preventing\n this issue. Detect the flag and use it if available.\n SLE11 has make 3.81 so it is required to include make 4\n in the kernel OBS projects to take advantege of this.\n\n - Use upstream version of pci-hyperv change 35a88a18d7\n\n - uwb: hwa-rc: fix memory leak at probe (bnc#1012382).\n\n - vmci: type promotion bug in qp_host_get_user_memory()\n (bnc#1012382).\n\n - wlcore: Add missing PM call for\n wlcore_cmd_wait_for_event_or_timeout() (bnc#1012382).\n\n - wlcore: Fix memory leak in\n wlcore_cmd_wait_for_event_or_timeout (git-fixes).\n\n - x86/cpufeature: deduplicate X86_FEATURE_L1TF_PTEINV\n (kabi).\n\n - x86/entry/64: Add two more instruction suffixes\n (bnc#1012382).\n\n - x86/entry/64: Clear registers for exceptions/interrupts,\n to reduce speculation attack surface (bsc#1105931).\n\n - x86/entry/64: sanitize extra registers on syscall entry\n (bsc#1105931).\n\n - x86/fpu: Finish excising 'eagerfpu' (bnc#1012382).\n\n - x86/fpu: Remove second definition of fpu in\n __fpu__restore_sig() (bsc#1110006).\n\n - x86/fpu: Remove struct fpu::counter (bnc#1012382).\n\n - x86/fpu: Remove use_eager_fpu() (bnc#1012382).\n\n - x86/irq: implement\n irq_data_get_effective_affinity_mask() for v4.12\n (bsc#1109772).\n\n - x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error\n (bsc#1114648).\n\n - x86/numa_emulation: Fix emulated-to-physical node\n mapping (bnc#1012382).\n\n - x86/paravirt: Fix some warning messages (bnc#1065600).\n\n - x86/percpu: Fix this_cpu_read() (bsc#1110006).\n\n - x86,sched: Allow topologies where NUMA nodes share an\n LLC (bsc#1091158, bsc#1101555).\n\n - x86/spec_ctrl: Fix spec_ctrl reporting (bsc#1106913,\n bsc#1111516).\n\n - x86/speculation: Apply IBPB more strictly to avoid\n cross-process data leak (bsc#1106913).\n\n - x86/speculation: Enable cross-hyperthread spectre v2\n STIBP mitigation (bsc#1106913).\n\n - x86/speculation: Propagate information about RSB filling\n mitigation to sysfs (bsc#1106913).\n\n - x86/time: Correct the attribute on jiffies' definition\n (bsc#1110006).\n\n - x86/tsc: Add missing header to tsc_msr.c (bnc#1012382).\n\n - xen: avoid crash in disable_hotplug_cpu (bnc#1012382\n bsc#1106594 bsc#1042422).\n\n - xen: fix GCC warning and remove duplicate\n EVTCHN_ROW/EVTCHN_COL usage (bnc#1012382).\n\n - xen/manage: do not complain about an empty value in\n control/sysrq node (bnc#1012382).\n\n - xhci: Add missing CAS workaround for Intel Sunrise Point\n xHCI (bnc#1012382).\n\n - xhci: Do not print a warning when setting link state for\n disabled ports (bnc#1012382).\n\n - rpm/kernel-binary.spec.in: Add missing export\n BRP_SIGN_FILES (bsc#1115587) The export line was\n accidentally dropped at merging scripts branch, which\n resulted in the invalid module signature.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1011920\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1012382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1012422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1020645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1031392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1035053\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1042422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1043591\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1048129\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1050431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1053043\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1054239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1057199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1062303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1065600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1065726\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1067906\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1073579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1076393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1078788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1079524\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1083215\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1083527\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1084760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1091158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1093118\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1094825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1095805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1098050\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1098996\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1101555\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104124\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1105025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1105931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106359\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106594\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106913\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1107060\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1107299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1107535\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1107870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1108377\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1108498\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109784\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109818\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109923\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1110006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111516\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112007\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112262\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112263\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112902\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112903\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1112905\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113751\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113769\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114229\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114648\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1115587\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=981083\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=997172\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-base-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-base-debuginfo-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-debuginfo-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-debugsource-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-devel-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-devel-debuginfo-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-base-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-base-debuginfo-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-debuginfo-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-debugsource-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-devel-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-devel-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-docs-html-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-docs-pdf-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-macros-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-obs-build-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-obs-build-debugsource-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-obs-qa-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-source-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-source-vanilla-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-syms-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-base-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-base-debuginfo-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-debuginfo-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-debugsource-4.4.162-78.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-devel-4.4.162-78.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-devel / kernel-macros / kernel-source / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:29:58", "description": "USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 LTS.\n\nIt was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10902)\n\nIt was discovered that an integer overrun vulnerability existed in the POSIX timers implementation in the Linux kernel. A local attacker could use this to cause a denial of service. (CVE-2018-12896)\n\nNoam Rathaus discovered that a use-after-free vulnerability existed in the Infiniband implementation in the Linux kernel. An attacker could use this to cause a denial of service (system crash). (CVE-2018-14734)\n\nIt was discovered that the YUREX USB device driver for the Linux kernel did not properly restrict user space reads or writes. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2018-16276)\n\nIt was discovered that the BPF verifier in the Linux kernel did not correctly compute numeric bounds in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-18445)\n\nKanda Motohiro discovered that writing extended attributes to an XFS file system in the Linux kernel in certain situations could cause an error condition to occur. A local attacker could use this to cause a denial of service. (CVE-2018-18690)\n\nIt was discovered that an integer overflow vulnerability existed in the CDROM driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-18710).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-12-21T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : Linux kernel (Azure) vulnerabilities (USN-3847-3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10902", "CVE-2018-12896", "CVE-2018-14734", "CVE-2018-16276", "CVE-2018-18445", "CVE-2018-18690", "CVE-2018-18710"], "modified": "2020-09-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3847-3.NASL", "href": "https://www.tenable.com/plugins/nessus/119829", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3847-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119829);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2018-10902\", \"CVE-2018-12896\", \"CVE-2018-14734\", \"CVE-2018-16276\", \"CVE-2018-18445\", \"CVE-2018-18690\", \"CVE-2018-18710\");\n script_xref(name:\"USN\", value:\"3847-3\");\n\n script_name(english:\"Ubuntu 14.04 LTS : Linux kernel (Azure) vulnerabilities (USN-3847-3)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04\nLTS. This update provides the corresponding updates for the Linux\nkernel for Microsoft Azure Cloud systems for Ubuntu 14.04 LTS.\n\nIt was discovered that a race condition existed in the raw MIDI driver\nfor the Linux kernel, leading to a double free vulnerability. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2018-10902)\n\nIt was discovered that an integer overrun vulnerability existed in the\nPOSIX timers implementation in the Linux kernel. A local attacker\ncould use this to cause a denial of service. (CVE-2018-12896)\n\nNoam Rathaus discovered that a use-after-free vulnerability existed in\nthe Infiniband implementation in the Linux kernel. An attacker could\nuse this to cause a denial of service (system crash). (CVE-2018-14734)\n\nIt was discovered that the YUREX USB device driver for the Linux\nkernel did not properly restrict user space reads or writes. A\nphysically proximate attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code.\n(CVE-2018-16276)\n\nIt was discovered that the BPF verifier in the Linux kernel did not\ncorrectly compute numeric bounds in some situations. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2018-18445)\n\nKanda Motohiro discovered that writing extended attributes to an XFS\nfile system in the Linux kernel in certain situations could cause an\nerror condition to occur. A local attacker could use this to cause a\ndenial of service. (CVE-2018-18690)\n\nIt was discovered that an integer overflow vulnerability existed in\nthe CDROM driver of the Linux kernel. A local attacker could use this\nto expose sensitive information (kernel memory). (CVE-2018-18710).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3847-3/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected linux-image-4.15-azure and / or linux-image-azure\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2020 Canonical, Inc. / NASL script (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-10902\", \"CVE-2018-12896\", \"CVE-2018-14734\", \"CVE-2018-16276\", \"CVE-2018-18445\", \"CVE-2018-18690\", \"CVE-2018-18710\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3847-3\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.15.0-1036-azure\", pkgver:\"4.15.0-1036.38~14.04.2\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-azure\", pkgver:\"4.15.0.1036.23\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.15-azure / linux-image-azure\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:29:51", "description": "USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS.\n\nIt was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10902)\n\nIt was discovered that an integer overrun vulnerability existed in the POSIX timers implementation in the Linux kernel. A local attacker could use this to cause a denial of service. (CVE-2018-12896)\n\nNoam Rathaus discovered that a use-after-free vulnerability existed in the Infiniband implementation in the Linux kernel. An attacker could use this to cause a denial of service (system crash). (CVE-2018-14734)\n\nIt was discovered that the YUREX USB device driver for the Linux kernel did not properly restrict user space reads or writes. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2018-16276)\n\nIt was discovered that the BPF verifier in the Linux kernel did not correctly compute numeric bounds in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-18445)\n\nKanda Motohiro discovered that writing extended attributes to an XFS file system in the Linux kernel in certain situations could cause an error condition to occur. A local attacker could use this to cause a denial of service. (CVE-2018-18690)\n\nIt was discovered that an integer overflow vulnerability existed in the CDROM driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-18710).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-12-21T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3847-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10902", "CVE-2018-12896", "CVE-2018-14734", "CVE-2018-16276", "CVE-2018-18445", "CVE-2018-18690", "CVE-2018-18710"], "modified": "2020-09-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3847-2.NASL", "href": "https://www.tenable.com/plugins/nessus/119828", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3847-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119828);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2018-10902\", \"CVE-2018-12896\", \"CVE-2018-14734\", \"CVE-2018-16276\", \"CVE-2018-18445\", \"CVE-2018-18690\", \"CVE-2018-18710\");\n script_xref(name:\"USN\", value:\"3847-2\");\n\n script_name(english:\"Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3847-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu\n16.04 LTS.\n\nIt was discovered that a race condition existed in the raw MIDI driver\nfor the Linux kernel, leading to a double free vulnerability. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2018-10902)\n\nIt was discovered that an integer overrun vulnerability existed in the\nPOSIX timers implementation in the Linux kernel. A local attacker\ncould use this to cause a denial of service. (CVE-2018-12896)\n\nNoam Rathaus discovered that a use-after-free vulnerability existed in\nthe Infiniband implementation in the Linux kernel. An attacker could\nuse this to cause a denial of service (system crash). (CVE-2018-14734)\n\nIt was discovered that the YUREX USB device driver for the Linux\nkernel did not properly restrict user space reads or writes. A\nphysically proximate attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code.\n(CVE-2018-16276)\n\nIt was discovered that the BPF verifier in the Linux kernel did not\ncorrectly compute numeric bounds in some situations. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2018-18445)\n\nKanda Motohiro discovered that writing extended attributes to an XFS\nfile system in the Linux kernel in certain situations could cause an\nerror condition to occur. A local attacker could use this to cause a\ndenial of service. (CVE-2018-18690)\n\nIt was discovered that an integer overflow vulnerability existed in\nthe CDROM driver of the Linux kernel. A local attacker could use this\nto expose sensitive information (kernel memory). (CVE-2018-18710).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3847-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2020 Canonical, Inc. / NASL script (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2018-10902\", \"CVE-2018-12896\", \"CVE-2018-14734\", \"CVE-2018-16276\", \"CVE-2018-18445\", \"CVE-2018-18690\", \"CVE-2018-18710\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3847-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-1026-gcp\", pkgver:\"4.15.0-1026.27~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-1031-aws\", pkgver:\"4.15.0-1031.33~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-1036-azure\", pkgver:\"4.15.0-1036.38~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-43-generic\", pkgver:\"4.15.0-43.46~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-43-generic-lpae\", pkgver:\"4.15.0-43.46~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.15.0-43-lowlatency\", pkgver:\"4.15.0-43.46~16.04.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-aws-hwe\", pkgver:\"4.15.0.1031.32\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-azure\", pkgver:\"4.15.0.1036.41\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-gcp\", pkgver:\"4.15.0.1026.40\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-hwe-16.04\", pkgver:\"4.15.0.43.64\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae-hwe-16.04\", pkgver:\"4.15.0.43.64\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-gke\", pkgver:\"4.15.0.1026.40\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency-hwe-16.04\", pkgver:\"4.15.0.43.64\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.15-aws / linux-image-4.15-azure / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-16T13:12:03", "description": "The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.162 to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack-based buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. (bnc#1107829).\n\nCVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769).\n\nCVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).\n\nCVE-2018-18690: A local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandled ATTR_REPLACE operations with conversion of an attr from short to long form (bnc#1105025).\n\nCVE-2018-18710: An issue was discovered in the Linux kernel An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).\n\nCVE-2018-9516: A lack of certain checks in the hid_debug_events_read() function in the drivers/hid/hid-debug.c file might have resulted in receiving userspace buffer overflow and an out-of-bounds write or to the infinite loop. (bnc#1108498).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"}, "published": "2018-11-11T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:3689-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10940", "CVE-2018-14633", "CVE-2018-16658", "CVE-2018-18281", "CVE-2018-18386", "CVE-2018-18690", "CVE-2018-18710", "CVE-2018-9516"], "modified": "2021-04-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:lttng-modules", "p-cpe:/a:novell:suse_linux:lttng-modules-debugsource", "p-cpe:/a:novell:suse_linux:lttng-modules-kmp-default", "p-cpe:/a:novell:suse_linux:lttng-modules-kmp-default-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-3689-1.NASL", "href": "https://www.tenable.com/plugins/nessus/118882", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3689-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118882);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/14\");\n\n script_cve_id(\"CVE-2018-10940\", \"CVE-2018-14633\", \"CVE-2018-16658\", \"CVE-2018-18281\", \"CVE-2018-18386\", \"CVE-2018-18690\", \"CVE-2018-18710\", \"CVE-2018-9516\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:3689-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.162 to\nreceive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2018-14633: A security flaw was found in the\nchap_server_compute_md5() function in the ISCSI target code in a way\nan authentication request from an ISCSI initiator is processed. An\nunauthenticated remote attacker can cause a stack-based buffer\noverflow and smash up to 17 bytes of the stack. The attack requires\nthe iSCSI target to be enabled on the victim host. Depending on how\nthe target's code was built (i.e. depending on a compiler, compile\nflags and hardware architecture) an attack may lead to a system crash\nand thus to a denial-of-service or possibly to a non-authorized access\nto data exported by an iSCSI target. Due to the nature of the flaw,\nprivilege escalation cannot be fully ruled out, although we believe it\nis highly unlikely. (bnc#1107829).\n\nCVE-2018-18281: The mremap() syscall performs TLB flushes after\ndropping pagetable locks. If a syscall such as ftruncate() removes\nentries from the pagetables of a task that is in the middle of\nmremap(), a stale TLB entry can remain for a short time that permits\naccess to a physical page after it has been released back to the page\nallocator and reused. (bnc#1113769).\n\nCVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are\nable to access pseudo terminals) to hang/block further usage of any\npseudo terminal devices due to an EXTPROC versus ICANON confusion in\nTIOCINQ (bnc#1094825).\n\nCVE-2018-18690: A local attacker able to set attributes on an xfs\nfilesystem could make this filesystem non-operational until the next\nmount by triggering an unchecked error condition during an xfs\nattribute change, because xfs_attr_shortform_addname in\nfs/xfs/libxfs/xfs_attr.c mishandled ATTR_REPLACE operations with\nconversion of an attr from short to long form (bnc#1105025).\n\nCVE-2018-18710: An issue was discovered in the Linux kernel An\ninformation leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c\ncould be used by local attackers to read kernel memory because a cast\nfrom unsigned long to int interferes with bounds checking. This is\nsimilar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).\n\nCVE-2018-9516: A lack of certain checks in the hid_debug_events_read()\nfunction in the drivers/hid/hid-debug.c file might have resulted in\nreceiving userspace buffer overflow and an out-of-bounds write or to\nthe infinite loop. (bnc#1108498).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1011920\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031392\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1035053\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1042422\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1043591\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1048129\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050549\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1053043\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1054239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1057199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065726\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1067906\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1078788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1079524\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083215\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083527\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084760\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1089343\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1091158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1093118\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1094244\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1094825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1095805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1096052\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1098050\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1098996\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1099597\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1101555\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103405\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1104124\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1105025\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1105428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1105795\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1105931\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106240\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106293\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106359\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106594\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106913\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1107060\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1107299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1107318\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1107535\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1107829\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1107870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108315\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108377\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108498\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109333\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109784\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109806\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109818\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109919\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109923\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110363\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110468\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110601\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110602\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110603\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110604\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110605\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110606\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110611\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110613\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110614\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110615\"\n );\n script_