[SECURITY] Fedora 27 Update: docker-latest-1.13.1-37.git9cb56fd.fc27

2018-08-19T21:30:00

Description

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container that a developer builds and tests on a laptop will run at scale, in production*, on VMs, bare-metal servers, OpenStack clusters, public instances, or combinations of the above.

Affected Package

OS	OS Version	Package Name	Package Version
Fedora	27	docker-latest	1.13.1

{"id": "FEDORA:EE13A60E51E0", "vendorId": null, "type": "fedora", "bulletinFamily": "unix", "title": "[SECURITY] Fedora 27 Update: docker-latest-1.13.1-37.git9cb56fd.fc27", "description": "Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container that a developer builds and tests on a laptop will run at scale, in production*, on VMs, bare-metal servers, OpenStack clusters, public instances, or combinations of the above. ", "published": "2018-08-19T21:30:00", "modified": "2018-08-19T21:30:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cvss2": {"acInsufInfo": true, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4}, "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DW75UQDNPSNU5K7M6NCSXWVPUAVQDCDO/", "reporter": "Fedora", "references": [], "cvelist": ["CVE-2018-10892"], "immutableFields": [], "lastseen": "2021-07-28T14:46:50", "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2018-1071"]}, {"type": "citrix", "idList": ["CTX234679"]}, {"type": "cve", "idList": ["CVE-2018-10892"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-10892"]}, {"type": "fedora", "idList": ["FEDORA:1EC0F60C8AD5", "FEDORA:340C860EE57A", "FEDORA:3D50C628C914", "FEDORA:5950F64B939F", "FEDORA:CE97C60C0D02", "FEDORA:E76E4610B02D", "FEDORA:EE2EF610B02D"]}, {"type": "ibm", "idList": ["B8ED4D0C1C5D1E01AED72B188FB319FE4EB8FDB211DB044010433250C46EC4EF"]}, {"type": "nessus", "idList": ["ALA_ALAS-2018-1071.NASL", "FEDORA_2018-28F30EFAF6.NASL", "FEDORA_2018-6243646704.NASL", "FEDORA_2018-9695E9B0ED.NASL", "FEDORA_2019-723711C645.NASL", "NEWSTART_CGSL_NS-SA-2020-0082_DOCKER-CE.NASL", "NEWSTART_CGSL_NS-SA-2021-0138_DOCKER-CE.NASL", "OPENSUSE-2019-2021.NASL", "REDHAT-RHSA-2018-2482.NASL", "SUSE_SU-2019-2117-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310852679", "OPENVAS:1361412562310874812", "OPENVAS:1361412562310874840", "OPENVAS:1361412562310874955", "OPENVAS:1361412562310874973", "OPENVAS:1361412562310874974", "OPENVAS:1361412562310875434", "OPENVAS:1361412562310875435", "OPENVAS:1361412562310875473"]}, {"type": "redhat", "idList": ["RHSA-2018:2482", "RHSA-2018:2729"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2021-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-10892"]}], "rev": 4}, "score": {"value": 5.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2018-1071"]}, {"type": "citrix", "idList": ["CTX234679"]}, {"type": "cve", "idList": ["CVE-2018-10892"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-10892"]}, {"type": "fedora", "idList": ["FEDORA:1EC0F60C8AD5", "FEDORA:340C860EE57A", "FEDORA:3D50C628C914", "FEDORA:5950F64B939F", "FEDORA:CE97C60C0D02", "FEDORA:E76E4610B02D", "FEDORA:EE2EF610B02D"]}, {"type": "ibm", "idList": ["B8ED4D0C1C5D1E01AED72B188FB319FE4EB8FDB211DB044010433250C46EC4EF"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2018-2482.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310852679", "OPENVAS:1361412562310874812", "OPENVAS:1361412562310874840"]}, {"type": "redhat", "idList": ["RHSA-2018:2482"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2021-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-10892"]}]}, "exploitation": null, "vulnersScore": 5.4}, "_state": {"dependencies": 0}, "_internal": {}, "affectedPackage": [{"OS": "Fedora", "OSVersion": "27", "arch": "any", "packageVersion": "1.13.1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "docker-latest"}]}

{"debiancve": [{"lastseen": "2022-04-10T07:34:18", "description": "The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling bluetooth or turning up/down keyboard brightness.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-07-06T16:29:00", "type": "debiancve", "title": "CVE-2018-10892", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10892"], "modified": "2018-07-06T16:29:00", "id": "DEBIANCVE:CVE-2018-10892", "href": "https://security-tracker.debian.org/tracker/CVE-2018-10892", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:54", "description": "Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container that a developer builds and tests on a laptop will run at scale, in production*, on VMs, bare-metal servers, OpenStack clusters, public instances, or combinations of the above. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2018-07-12T14:21:56", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: docker-1.13.1-60.git9cb56fd.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10892"], "modified": "2018-07-12T14:21:56", "id": "FEDORA:CE97C60C0D02", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZROWSFFIHGDTF4YUUQMDDKXOWPTGADSF/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:54", "description": "Manage Pods, Containers and Container Images libpod provides a library for applications looking to use the Container Pod concept popularized by Kubernetes. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2018-07-20T17:46:46", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: podman-0.7.2-2.git4ca4c5f.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10892"], "modified": "2018-07-20T17:46:46", "id": "FEDORA:3D50C628C914", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JJCDOERVRVNE52QSDC5UOXE26UNNILOK/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Kubernetes Container Runtime Interface for OCI-based containers ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2018-08-15T19:46:48", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: cri-o-1.11.1-1.git1759204.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10892"], "modified": "2018-08-15T19:46:48", "id": "FEDORA:5950F64B939F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/34NVOBDA5DKQHVEIZKLYOZPBYKPF26IX/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T18:41:37", "description": "Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container that a developer builds and tests on a laptop will run at scale, in production*, on VMs, bare-metal servers, OpenStack clusters, public instances, or combinations of the above. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-19T21:29:59", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: docker-1.13.1-60.git9cb56fd.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-14992", "CVE-2018-10892"], "modified": "2018-08-19T21:29:59", "id": "FEDORA:340C860EE57A", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/B65XDSBFRRPO7IWPCUMLKEW5CYOYUDH4/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container that a developer builds and tests on a laptop will run at scale, in production*, on VMs, bare-metal servers, OpenStack clusters, public instances, or combinations of the above. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2019-01-31T02:12:24", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: docker-1.13.1-63.git1185cfd.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10892", "CVE-2018-20699"], "modified": "2019-01-31T02:12:24", "id": "FEDORA:E76E4610B02D", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JCSDE5WDDO2P4T75CB7EPVQ7SVEVRAKB/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container that a developer builds and tests on a laptop will run at scale, in production*, on VMs, bare-metal servers, OpenStack clusters, public instances, or combinations of the above. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2019-01-31T02:12:26", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: docker-latest-1.13.1-40.git1185cfd.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10892", "CVE-2018-20699"], "modified": "2019-01-31T02:12:26", "id": "FEDORA:EE2EF610B02D", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NPTAMGFVSU2EW3SA673N7QINQHEUPDPQ/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container that a developer builds and tests on a laptop will run at scale, in production*, on VMs, bare-metal servers, OpenStack clusters, public instances, or combinations of the above. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 6.0}, "published": "2019-02-21T01:39:52", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: docker-1.13.1-65.git1185cfd.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10892", "CVE-2018-20699", "CVE-2019-5736"], "modified": "2019-02-21T01:39:52", "id": "FEDORA:1EC0F60C8AD5", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FW6SI55PBCPLKSNVH4ND6U7WM6F63THU/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2021-07-25T19:25:50", "description": "**Issue Overview:**\n\nThe default OCI Linux spec in oci/defaults{_linux}.go in Docker/Moby, from 1.11 to current, does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling Bluetooth or turning up/down keyboard brightness.(CVE-2018-10892)\n\n \n**Affected Packages:** \n\n\ndocker\n\n \n**Issue Correction:** \nRun _yum update docker_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n src: \n \u00a0\u00a0\u00a0 docker-18.06.1ce-2.16.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 docker-18.06.1ce-2.16.amzn1.x86_64 \n \u00a0\u00a0\u00a0 docker-debuginfo-18.06.1ce-2.16.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2018-09-05T19:30:00", "type": "amazon", "title": "Medium: docker", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10892"], "modified": "2018-09-06T22:00:00", "id": "ALAS-2018-1071", "href": "https://alas.aws.amazon.com/ALAS-2018-1071.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "openvas": [{"lastseen": "2019-05-29T18:33:03", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-07-21T00:00:00", "type": "openvas", "title": "Fedora Update for podman FEDORA-2018-6243646704", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10892"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874840", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874840", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_6243646704_podman_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for podman FEDORA-2018-6243646704\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874840\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-07-21 06:05:47 +0200 (Sat, 21 Jul 2018)\");\n script_cve_id(\"CVE-2018-10892\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for podman FEDORA-2018-6243646704\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'podman'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"podman on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-6243646704\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JJCDOERVRVNE52QSDC5UOXE26UNNILOK\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"podman\", rpm:\"podman~0.7.2~2.git4ca4c5f.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:32:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-20T00:00:00", "type": "openvas", "title": "Fedora Update for docker-latest FEDORA-2018-160b3d2f6c", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10892"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874973", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874973", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_160b3d2f6c_docker-latest_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for docker-latest FEDORA-2018-160b3d2f6c\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874973\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-20 11:18:14 +0200 (Mon, 20 Aug 2018)\");\n script_cve_id(\"CVE-2018-10892\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for docker-latest FEDORA-2018-160b3d2f6c\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'docker-latest'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"docker-latest on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-160b3d2f6c\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DW75UQDNPSNU5K7M6NCSXWVPUAVQDCDO\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"docker-latest\", rpm:\"docker-latest~1.13.1~37.git9cb56fd.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:32:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-07-15T00:00:00", "type": "openvas", "title": "Fedora Update for docker FEDORA-2018-9695e9b0ed", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10892"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874812", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874812", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_9695e9b0ed_docker_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for docker FEDORA-2018-9695e9b0ed\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874812\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-07-15 06:04:35 +0200 (Sun, 15 Jul 2018)\");\n script_cve_id(\"CVE-2018-10892\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for docker FEDORA-2018-9695e9b0ed\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'docker'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"docker on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-9695e9b0ed\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZROWSFFIHGDTF4YUUQMDDKXOWPTGADSF\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"docker\", rpm:\"docker~1.13.1~60.git9cb56fd.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:33:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-16T00:00:00", "type": "openvas", "title": "Fedora Update for cri-o FEDORA-2018-28f30efaf6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10892"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874955", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874955", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_28f30efaf6_cri-o_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for cri-o FEDORA-2018-28f30efaf6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874955\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-16 06:09:32 +0200 (Thu, 16 Aug 2018)\");\n script_cve_id(\"CVE-2018-10892\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for cri-o FEDORA-2018-28f30efaf6\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'cri-o'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"cri-o on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-28f30efaf6\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/34NVOBDA5DKQHVEIZKLYOZPBYKPF26IX\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"cri-o\", rpm:\"cri-o~1.11.1~1.git1759204.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:33:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-20T00:00:00", "type": "openvas", "title": "Fedora Update for docker FEDORA-2018-df2593ee6a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-14992", "CVE-2018-10892"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874974", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874974", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_df2593ee6a_docker_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for docker FEDORA-2018-df2593ee6a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874974\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-20 11:18:20 +0200 (Mon, 20 Aug 2018)\");\n script_cve_id(\"CVE-2018-10892\", \"CVE-2017-14992\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for docker FEDORA-2018-df2593ee6a\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'docker'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"docker on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-df2593ee6a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B65XDSBFRRPO7IWPCUMLKEW5CYOYUDH4\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"docker\", rpm:\"docker~1.13.1~60.git9cb56fd.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-01-31T00:00:00", "type": "openvas", "title": "Fedora Update for docker FEDORA-2019-901feba171", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10892", "CVE-2018-20699"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875435", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875435", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2019_901feba171_docker_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for docker FEDORA-2019-901feba171\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875435\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-20699\", \"CVE-2018-10892\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-01-31 04:06:50 +0100 (Thu, 31 Jan 2019)\");\n script_name(\"Fedora Update for docker FEDORA-2019-901feba171\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-901feba171\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCSDE5WDDO2P4T75CB7EPVQ7SVEVRAKB\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'docker'\n package(s) announced via the FEDORA-2019-901feba171 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"docker on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"docker\", rpm:\"docker~1.13.1~63.git1185cfd.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-01-31T00:00:00", "type": "openvas", "title": "Fedora Update for docker-latest FEDORA-2019-723711c645", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10892", "CVE-2018-20699"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875434", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875434", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2019_723711c645_docker-latest_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for docker-latest FEDORA-2019-723711c645\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875434\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2018-20699\", \"CVE-2018-10892\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-01-31 04:06:44 +0100 (Thu, 31 Jan 2019)\");\n script_name(\"Fedora Update for docker-latest FEDORA-2019-723711c645\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-723711c645\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPTAMGFVSU2EW3SA673N7QINQHEUPDPQ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'docker-latest'\n package(s) announced via the FEDORA-2019-723711c645 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"docker-latest on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"docker-latest\", rpm:\"docker-latest~1.13.1~40.git1185cfd.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-02-21T00:00:00", "type": "openvas", "title": "Fedora Update for docker FEDORA-2019-f455ef79b8", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10892", "CVE-2018-20699", "CVE-2019-5736"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310875473", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875473", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875473\");\n script_version(\"$Revision: 14223 $\");\n script_cve_id(\"CVE-2019-5736\", \"CVE-2018-20699\", \"CVE-2018-10892\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-02-21 04:08:26 +0100 (Thu, 21 Feb 2019)\");\n script_name(\"Fedora Update for docker FEDORA-2019-f455ef79b8\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-f455ef79b8\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FW6SI55PBCPLKSNVH4ND6U7WM6F63THU\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'docker'\n package(s) announced via the FEDORA-2019-f455ef79b8 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"docker on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"docker\", rpm:\"docker~1.13.1~65.git1185cfd.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T16:51:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-08-30T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork (openSUSE-SU-2019:2021-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10892", "CVE-2019-13509", "CVE-2019-14271", "CVE-2019-5736"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852679", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852679", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852679\");\n script_version(\"2020-01-31T08:13:19+0000\");\n script_cve_id(\"CVE-2018-10892\", \"CVE-2019-13509\", \"CVE-2019-14271\", \"CVE-2019-5736\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:13:19 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-08-30 02:00:50 +0000 (Fri, 30 Aug 2019)\");\n script_name(\"openSUSE: Security Advisory for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork (openSUSE-SU-2019:2021-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2021-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'containerd, docker, docker-runc,\n go, go1.11, go1.12, golang-github-docker-libnetwork' package(s) announced via the openSUSE-SU-2019:2021-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for containerd, docker, docker-runc,\n golang-github-docker-libnetwork fixes the following issues:\n\n Docker:\n\n - CVE-2019-14271: Fixed a code injection if the nsswitch facility\n dynamically loaded a library inside a chroot (bsc#1143409).\n\n - CVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160).\n\n - Update to version 19.03.1-ce, see changelog at\n /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413, bsc#1139649).\n\n runc:\n\n - Use %config(noreplace) for /etc/docker/daemon.json (bsc#1138920).\n\n - Update to runc 425e105d5a03, which is required by Docker (bsc#1139649).\n\n containerd:\n\n - CVE-2019-5736: Fixed a container breakout vulnerability (bsc#1121967).\n\n - Update to containerd v1.2.6, which is required by docker (bsc#1139649).\n\n golang-github-docker-libnetwork:\n\n - Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is\n required by docker (bsc#1142413, bsc#1139649).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2021=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2021=1\");\n\n script_tag(name:\"affected\", value:\"'containerd, ' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"containerd\", rpm:\"containerd~1.2.6~lp150.4.17.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"containerd-ctr\", rpm:\"containerd-ctr~1.2.6~lp150.4.17.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker\", rpm:\"docker~19.03.1_ce~lp150.5.27.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-debuginfo\", rpm:\"docker-debuginfo~19.03.1_ce~lp150.5.27.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-libnetwork\", rpm:\"docker-libnetwork~0.7.0.1+gitr2800_fc5a7d91d54c~lp150.3.18.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-libnetwork-debuginfo\", rpm:\"docker-libnetwork-debuginfo~0.7.0.1+gitr2800_fc5a7d91d54c~lp150.3.18.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-runc\", rpm:\"docker-runc~1.0.0rc8+gitr3826_425e105d5a03~lp150.5.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-runc-debuginfo\", rpm:\"docker-runc-debuginfo~1.0.0rc8+gitr3826_425e105d5a03~lp150.5.25.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-test\", rpm:\"docker-test~19.03.1_ce~lp150.5.27.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-test-debuginfo\", rpm:\"docker-test-debuginfo~19.03.1_ce~lp150.5.27.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"golang-github-docker-libnetwork\", rpm:\"golang-github-docker-libnetwork~0.7.0.1+gitr2800_fc5a7d91d54c~lp150.3.18.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-bash-completion\", rpm:\"docker-bash-completion~19.03.1_ce~lp150.5.27.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"docker-zsh-completion\", rpm:\"docker-zsh-completion~19.03.1_ce~lp150.5.27.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-08-19T12:29:27", "description": "Latest release\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : podman (2018-6243646704)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10892"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:podman", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-6243646704.NASL", "href": "https://www.tenable.com/plugins/nessus/120472", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-6243646704.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120472);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-10892\");\n script_xref(name:\"FEDORA\", value:\"2018-6243646704\");\n\n script_name(english:\"Fedora 28 : podman (2018-6243646704)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Latest release\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-6243646704\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected podman package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"podman-0.7.2-2.git4ca4c5f.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"podman\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-16T00:51:33", "description": "The default OCI Linux spec in oci/defaults{_linux}.go in Docker/Moby, from 1.11 to current, does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling Bluetooth or turning up/down keyboard brightness.(CVE-2018-10892)", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2018-09-07T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : docker (ALAS-2018-1071)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10892"], "modified": "2018-09-07T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:docker", "p-cpe:/a:amazon:linux:docker-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2018-1071.NASL", "href": "https://www.tenable.com/plugins/nessus/117343", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1071.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(117343);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/09/07 17:03:10\");\n\n script_cve_id(\"CVE-2018-10892\");\n script_xref(name:\"ALAS\", value:\"2018-1071\");\n\n script_name(english:\"Amazon Linux AMI : docker (ALAS-2018-1071)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The default OCI Linux spec in oci/defaults{_linux}.go in Docker/Moby,\nfrom 1.11 to current, does not block /proc/acpi pathnames. The flaw\nallows an attacker to modify host's hardware like enabling/disabling\nBluetooth or turning up/down keyboard brightness.(CVE-2018-10892)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2018-1071.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update docker' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:docker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"docker-18.06.1ce-2.16.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"docker-debuginfo-18.06.1ce-2.16.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"docker / docker-debuginfo\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:29:04", "description": "Resolves: #1598581, #1598583 - CVE-2018-10892\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : 2:docker (2018-9695e9b0ed)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10892"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:docker", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-9695E9B0ED.NASL", "href": "https://www.tenable.com/plugins/nessus/120633", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-9695e9b0ed.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120633);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-10892\");\n script_xref(name:\"FEDORA\", value:\"2018-9695e9b0ed\");\n\n script_name(english:\"Fedora 28 : 2:docker (2018-9695e9b0ed)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Resolves: #1598581, #1598583 - CVE-2018-10892\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-9695e9b0ed\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:docker package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:docker\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"docker-1.13.1-60.git9cb56fd.fc28\", epoch:\"2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:docker\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:31:20", "description": "An update for docker is now available for Red Hat Enterprise Linux 7 Extras.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nDocker is an open source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere.\n\nSecurity Fix(es) :\n\n* docker: container breakout without selinux in enforcing mode (CVE-2018-10892)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nThis issue was discovered by Antonio Murdaca (Red Hat).\n\nBug Fix(es) :\n\n* Previously, the `dontaudit` and `allow` SELinux rules were missing, so the kernel raised a SELinux AVC message. Consequently, some commands did not work as expected. This update adds the missing rules, and the commands now run successfully. (BZ#1550967)\n\n* Previously, during a restart the container daemon did not restore the state of a container correctly if an exec'ed process was associated with the container. Consequently, the container daemon aborted with 'panic: close of nil channel' when the daemon was handling the termination of the exec'ed process. This bug has been fixed, and the container daemon no longer panics in the aforementioned scenario. (BZ#1554121)\n\n* Previously, bind mounts were resolved before using them inside a container. Consequently, symlinks could not be mounted inside of the container. With this update, the source of a bind mount is not resolved. As a result, it is possible to bind mount symlinks again into a container. (BZ#1603201)", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2018-08-17T00:00:00", "type": "nessus", "title": "RHEL 7 : docker (RHSA-2018:2482)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10892"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:docker", "p-cpe:/a:redhat:enterprise_linux:docker-client", "p-cpe:/a:redhat:enterprise_linux:docker-common", "p-cpe:/a:redhat:enterprise_linux:docker-debuginfo", "p-cpe:/a:redhat:enterprise_linux:docker-logrotate", "p-cpe:/a:redhat:enterprise_linux:docker-lvm-plugin", "p-cpe:/a:redhat:enterprise_linux:docker-novolume-plugin", "p-cpe:/a:redhat:enterprise_linux:docker-rhel-push-plugin", "p-cpe:/a:redhat:enterprise_linux:docker-v1.10-migrator", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2018-2482.NASL", "href": "https://www.tenable.com/plugins/nessus/111805", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:2482. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111805);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/10/24 15:35:45\");\n\n script_cve_id(\"CVE-2018-10892\");\n script_xref(name:\"RHSA\", value:\"2018:2482\");\n\n script_name(english:\"RHEL 7 : docker (RHSA-2018:2482)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for docker is now available for Red Hat Enterprise Linux 7\nExtras.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nDocker is an open source engine that automates the deployment of any\napplication as a lightweight, portable, self-sufficient container that\nruns virtually anywhere.\n\nSecurity Fix(es) :\n\n* docker: container breakout without selinux in enforcing mode\n(CVE-2018-10892)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nThis issue was discovered by Antonio Murdaca (Red Hat).\n\nBug Fix(es) :\n\n* Previously, the `dontaudit` and `allow` SELinux rules were missing,\nso the kernel raised a SELinux AVC message. Consequently, some\ncommands did not work as expected. This update adds the missing rules,\nand the commands now run successfully. (BZ#1550967)\n\n* Previously, during a restart the container daemon did not restore\nthe state of a container correctly if an exec'ed process was\nassociated with the container. Consequently, the container daemon\naborted with 'panic: close of nil channel' when the daemon was\nhandling the termination of the exec'ed process. This bug has been\nfixed, and the container daemon no longer panics in the aforementioned\nscenario. (BZ#1554121)\n\n* Previously, bind mounts were resolved before using them inside a\ncontainer. Consequently, symlinks could not be mounted inside of the\ncontainer. With this update, the source of a bind mount is not\nresolved. As a result, it is possible to bind mount symlinks again\ninto a container. (BZ#1603201)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:2482\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-10892\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:docker-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:docker-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:docker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:docker-logrotate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:docker-lvm-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:docker-novolume-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:docker-rhel-push-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:docker-v1.10-migrator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:2482\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"docker-1.13.1-74.git6e3bb8e.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"docker-1.13.1-74.git6e3bb8e.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"docker-client-1.13.1-74.git6e3bb8e.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"docker-client-1.13.1-74.git6e3bb8e.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"docker-common-1.13.1-74.git6e3bb8e.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"docker-common-1.13.1-74.git6e3bb8e.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"docker-debuginfo-1.13.1-74.git6e3bb8e.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"docker-debuginfo-1.13.1-74.git6e3bb8e.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"docker-logrotate-1.13.1-74.git6e3bb8e.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"docker-logrotate-1.13.1-74.git6e3bb8e.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"docker-lvm-plugin-1.13.1-74.git6e3bb8e.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"docker-lvm-plugin-1.13.1-74.git6e3bb8e.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"docker-novolume-plugin-1.13.1-74.git6e3bb8e.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"docker-novolume-plugin-1.13.1-74.git6e3bb8e.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"docker-rhel-push-plugin-1.13.1-74.git6e3bb8e.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"docker-rhel-push-plugin-1.13.1-74.git6e3bb8e.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"docker-v1.10-migrator-1.13.1-74.git6e3bb8e.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"docker-v1.10-migrator-1.13.1-74.git6e3bb8e.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"docker / docker-client / docker-common / docker-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:29:27", "description": "Update to latest version.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2019-01-03T00:00:00", "type": "nessus", "title": "Fedora 28 : 2:cri-o (2018-28f30efaf6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10892"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:cri-o", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-28F30EFAF6.NASL", "href": "https://www.tenable.com/plugins/nessus/120308", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-28f30efaf6.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120308);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2018-10892\");\n script_xref(name:\"FEDORA\", value:\"2018-28f30efaf6\");\n\n script_name(english:\"Fedora 28 : 2:cri-o (2018-28f30efaf6)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest version.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-28f30efaf6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:cri-o package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:cri-o\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"cri-o-1.11.1-1.git1759204.fc28\", epoch:\"2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:cri-o\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-16T00:44:19", "description": "- Resolves: #1666565, #1667625 - CVE-2018-20699\n\n - Resolves: #1663068, #1667626 - umount all procfs and sysfs with --no-pivot\n\n - built docker @projectatomic/docker-1.13.1 commit 1185cfd\n\n - built docker-runc @projectatomic/docker-1.13.1 commit e4ffe43\n\n----\n\nResolves: #1598581, #1598582 - CVE-2018-10892\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2019-01-31T00:00:00", "type": "nessus", "title": "Fedora 28 : 2:docker-latest (2019-723711c645)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-14992", "CVE-2018-10892", "CVE-2018-20699"], "modified": "2020-02-20T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:docker-latest", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2019-723711C645.NASL", "href": "https://www.tenable.com/plugins/nessus/121488", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-723711c645.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121488);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/20\");\n\n script_cve_id(\"CVE-2017-14992\", \"CVE-2018-10892\", \"CVE-2018-20699\");\n script_xref(name:\"FEDORA\", value:\"2019-723711c645\");\n\n script_name(english:\"Fedora 28 : 2:docker-latest (2019-723711c645)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Resolves: #1666565, #1667625 - CVE-2018-20699\n\n - Resolves: #1663068, #1667626 - umount all procfs and\n sysfs with --no-pivot\n\n - built docker @projectatomic/docker-1.13.1 commit 1185cfd\n\n - built docker-runc @projectatomic/docker-1.13.1 commit\n e4ffe43\n\n----\n\nResolves: #1598581, #1598582 - CVE-2018-10892\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-723711c645\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:docker-latest package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10892\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:docker-latest\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"docker-latest-1.13.1-40.git1185cfd.fc28\", epoch:\"2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:docker-latest\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-06-16T16:51:33", "description": "This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues :\n\nDocker :\n\n - CVE-2019-14271: Fixed a code injection if the nsswitch facility dynamically loaded a library inside a chroot (bsc#1143409).\n\n - CVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160).\n\n - Update to version 19.03.1-ce, see changelog at /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413, bsc#1139649).\n\nrunc :\n\n - Use %config(noreplace) for /etc/docker/daemon.json (bsc#1138920).\n\n - Update to runc 425e105d5a03, which is required by Docker (bsc#1139649).\n\ncontainerd :\n\n - CVE-2019-5736: Fixed a container breakout vulnerability (bsc#1121967).\n\n - Update to containerd v1.2.6, which is required by docker (bsc#1139649).\n\ngolang-github-docker-libnetwork :\n\n - Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is required by docker (bsc#1142413, bsc#1139649).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-30T00:00:00", "type": "nessus", "title": "openSUSE Security Update : containerd / docker / docker-runc / etc (openSUSE-2019-2021)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10892", "CVE-2019-13509", "CVE-2019-14271", "CVE-2019-5736"], "modified": "2022-05-23T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:containerd", "p-cpe:/a:novell:opensuse:containerd-ctr", "p-cpe:/a:novell:opensuse:docker", "p-cpe:/a:novell:opensuse:docker-bash-completion", "p-cpe:/a:novell:opensuse:docker-debuginfo", "p-cpe:/a:novell:opensuse:docker-libnetwork", "p-cpe:/a:novell:opensuse:docker-libnetwork-debuginfo", "p-cpe:/a:novell:opensuse:docker-runc", "p-cpe:/a:novell:opensuse:docker-runc-debuginfo", "p-cpe:/a:novell:opensuse:docker-test", "p-cpe:/a:novell:opensuse:docker-test-debuginfo", "p-cpe:/a:novell:opensuse:docker-zsh-completion", "p-cpe:/a:novell:opensuse:golang-github-docker-libnetwork", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2021.NASL", "href": "https://www.tenable.com/plugins/nessus/128409", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2021.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128409);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/23\");\n\n script_cve_id(\"CVE-2018-10892\", \"CVE-2019-13509\", \"CVE-2019-14271\", \"CVE-2019-5736\");\n\n script_name(english:\"openSUSE Security Update : containerd / docker / docker-runc / etc (openSUSE-2019-2021)\");\n script_summary(english:\"Check for the openSUSE-2019-2021 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for containerd, docker, docker-runc,\ngolang-github-docker-libnetwork fixes the following issues :\n\nDocker :\n\n - CVE-2019-14271: Fixed a code injection if the nsswitch\n facility dynamically loaded a library inside a chroot\n (bsc#1143409).\n\n - CVE-2019-13509: Fixed an information leak in the debug\n log (bsc#1142160).\n\n - Update to version 19.03.1-ce, see changelog at\n /usr/share/doc/packages/docker/CHANGELOG.md\n (bsc#1142413, bsc#1139649).\n\nrunc :\n\n - Use %config(noreplace) for /etc/docker/daemon.json\n (bsc#1138920).\n\n - Update to runc 425e105d5a03, which is required by Docker\n (bsc#1139649).\n\ncontainerd :\n\n - CVE-2019-5736: Fixed a container breakout vulnerability\n (bsc#1121967).\n\n - Update to containerd v1.2.6, which is required by docker\n (bsc#1139649).\n\ngolang-github-docker-libnetwork :\n\n - Update to version\n git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is\n required by docker (bsc#1142413, bsc#1139649).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1100331\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121967\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1138920\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1139649\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142413\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1143409\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected containerd / docker / docker-runc / etc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-5736\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Docker Container Escape Via runC Overwrite');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:containerd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:containerd-ctr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-bash-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-libnetwork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-libnetwork-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-runc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:docker-zsh-completion\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:golang-github-docker-libnetwork\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"containerd-1.2.6-lp151.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"containerd-ctr-1.2.6-lp151.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-19.03.1_ce-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-bash-completion-19.03.1_ce-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-debuginfo-19.03.1_ce-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-libnetwork-debuginfo-0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-runc-1.0.0rc8+gitr3826_425e105d5a03-lp151.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-runc-debuginfo-1.0.0rc8+gitr3826_425e105d5a03-lp151.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-test-19.03.1_ce-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-test-debuginfo-19.03.1_ce-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"docker-zsh-completion-19.03.1_ce-lp151.2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"containerd / containerd-ctr / docker-runc / docker-runc-debuginfo / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-16T16:53:38", "description": "This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues :\n\nDocker :\n\nCVE-2019-14271: Fixed a code injection if the nsswitch facility dynamically loaded a library inside a chroot (bsc#1143409).\n\nCVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160).\n\nUpdate to version 19.03.1-ce, see changelog at /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413, bsc#1139649).\n\nrunc: Use %config(noreplace) for /etc/docker/daemon.json (bsc#1138920).\n\nUpdate to runc 425e105d5a03, which is required by Docker (bsc#1139649).\n\ncontainerd: CVE-2019-5736: Fixed a container breakout vulnerability (bsc#1121967).\n\nUpdate to containerd v1.2.6, which is required by docker (bsc#1139649).\n\ngolang-github-docker-libnetwork: Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is required by docker (bsc#1142413, bsc#1139649).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-14T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : containerd, docker, docker-runc, golang-github-docker-libnetwork (SUSE-SU-2019:2117-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10892", "CVE-2019-13509", "CVE-2019-14271", "CVE-2019-5736"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:containerd", "p-cpe:/a:novell:suse_linux:containerd-ctr", "p-cpe:/a:novell:suse_linux:containerd-kubic", "p-cpe:/a:novell:suse_linux:containerd-kubic-ctr", "p-cpe:/a:novell:suse_linux:docker", "p-cpe:/a:novell:suse_linux:docker-debuginfo", "p-cpe:/a:novell:suse_linux:docker-kubic", "p-cpe:/a:novell:suse_linux:docker-kubic-debuginfo", "p-cpe:/a:novell:suse_linux:docker-kubic-kubeadm-criconfig", "p-cpe:/a:novell:suse_linux:docker-kubic-test", "p-cpe:/a:novell:suse_linux:docker-kubic-test-debuginfo", "p-cpe:/a:novell:suse_linux:docker-libnetwork", "p-cpe:/a:novell:suse_linux:docker-libnetwork-debuginfo", "p-cpe:/a:novell:suse_linux:docker-libnetwork-kubic", "p-cpe:/a:novell:suse_linux:docker-libnetwork-kubic-debuginfo", "p-cpe:/a:novell:suse_linux:docker-runc", "p-cpe:/a:novell:suse_linux:docker-runc-debuginfo", "p-cpe:/a:novell:suse_linux:docker-runc-kubic", "p-cpe:/a:novell:suse_linux:docker-runc-kubic-debuginfo", "p-cpe:/a:novell:suse_linux:docker-test", "p-cpe:/a:novell:suse_linux:docker-test-debuginfo", "p-cpe:/a:novell:suse_linux:golang-github-docker-libnetwork", "p-cpe:/a:novell:suse_linux:golang-github-docker-libnetwork-kubic", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-2117-1.NASL", "href": "https://www.tenable.com/plugins/nessus/127884", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2117-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127884);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\n \"CVE-2018-10892\",\n \"CVE-2019-5736\",\n \"CVE-2019-13509\",\n \"CVE-2019-14271\"\n );\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : containerd, docker, docker-runc, golang-github-docker-libnetwork (SUSE-SU-2019:2117-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for containerd, docker, docker-runc,\ngolang-github-docker-libnetwork fixes the following issues :\n\nDocker :\n\nCVE-2019-14271: Fixed a code injection if the nsswitch facility\ndynamically loaded a library inside a chroot (bsc#1143409).\n\nCVE-2019-13509: Fixed an information leak in the debug log\n(bsc#1142160).\n\nUpdate to version 19.03.1-ce, see changelog at\n/usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413,\nbsc#1139649).\n\nrunc: Use %config(noreplace) for /etc/docker/daemon.json\n(bsc#1138920).\n\nUpdate to runc 425e105d5a03, which is required by Docker\n(bsc#1139649).\n\ncontainerd: CVE-2019-5736: Fixed a container breakout vulnerability\n(bsc#1121967).\n\nUpdate to containerd v1.2.6, which is required by docker\n(bsc#1139649).\n\ngolang-github-docker-libnetwork: Update to version\ngit.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is required by\ndocker (bsc#1142413, bsc#1139649).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1100331\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121967\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1138920\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1139649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1142413\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1143409\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-10892/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-13509/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-14271/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-5736/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192117-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b0a9a6ef\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2117=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-2117=1\n\nSUSE Linux Enterprise Module for Containers 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Containers-15-SP1-2019-2117=1\n\nSUSE Linux Enterprise Module for Containers 15:zypper in -t patch\nSUSE-SLE-Module-Containers-15-2019-2117=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-5736\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-14271\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Docker Container Escape Via runC Overwrite');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:containerd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:containerd-ctr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:containerd-kubic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:containerd-kubic-ctr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-kubic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-kubic-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-kubic-kubeadm-criconfig\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-kubic-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-kubic-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-libnetwork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-libnetwork-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-libnetwork-kubic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-libnetwork-kubic-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-runc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-runc-kubic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-runc-kubic-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:docker-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:golang-github-docker-libnetwork\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:golang-github-docker-libnetwork-kubic\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"containerd-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"containerd-ctr-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"containerd-kubic-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"containerd-kubic-ctr-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-kubic-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-kubic-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-kubic-kubeadm-criconfig-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-kubic-test-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-kubic-test-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-libnetwork-debuginfo-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-libnetwork-kubic-debuginfo-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-runc-debuginfo-1.0.0rc8+gitr3826_425e105d5a03-6.21.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-runc-kubic-debuginfo-1.0.0rc8+gitr3826_425e105d5a03-6.21.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-test-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"docker-test-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"containerd-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"containerd-ctr-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"docker-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"docker-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"docker-libnetwork-debuginfo-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"docker-runc-debuginfo-1.0.0rc8+gitr3826_425e105d5a03-6.21.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"docker-test-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"docker-test-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"containerd-ctr-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"containerd-kubic-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"containerd-kubic-ctr-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-kubic-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-kubic-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-kubic-kubeadm-criconfig-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-kubic-test-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-kubic-test-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-libnetwork-kubic-debuginfo-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-runc-kubic-1.0.0rc8+gitr3826_425e105d5a03-6.21.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-runc-kubic-debuginfo-1.0.0rc8+gitr3826_425e105d5a03-6.21.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-test-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"docker-test-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"golang-github-docker-libnetwork-kubic-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"containerd-ctr-1.2.6-5.16.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"docker-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"docker-test-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"docker-test-debuginfo-19.03.1_ce-6.26.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"containerd / docker / docker-runc / golang-github-docker-libnetwork\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-23T15:14:23", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has docker-ce packages installed that are affected by multiple vulnerabilities:\n\n - Lack of content verification in Docker-CE (Also known as Moby) versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing. (CVE-2017-14992)\n\n - The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss (when certain older Linux kernels are used) by leveraging Docker container access to write a scsi remove-single-device line to /proc/scsi/scsi, aka SCSI MICDROP. (CVE-2017-16539)\n\n - libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than ANDing them. A process running under a restrictive seccomp filter that specified multiple syscall arguments could bypass intended access restrictions by specifying a single matching argument.\n (CVE-2017-18367)\n\n - The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling bluetooth or turning up/down keyboard brightness. (CVE-2018-10892)\n\n - In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot). (CVE-2018-15664)\n\n - Docker Engine before 18.09 allows attackers to cause a denial of service (dockerd memory consumption) via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemon_unix.go, pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go. (CVE-2018-20699)\n\n - In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the docker build command would be able to gain command execution. An issue exists in the way docker build processes remote git URLs, and results in command injection into the underlying git clone command, leading to code execution in the context of the user executing the docker build command. This occurs because git ref can be misinterpreted as a flag. (CVE-2019-13139)\n\n - In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret. (CVE-2019-13509)\n\n - runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.\n (CVE-2019-5736)\n\n - An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service. (CVE-2020-13401)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.6, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : docker-ce Multiple Vulnerabilities (NS-SA-2020-0082)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-14992", "CVE-2017-16539", "CVE-2017-18367", "CVE-2018-10892", "CVE-2018-15664", "CVE-2018-20699", "CVE-2019-13139", "CVE-2019-13509", "CVE-2019-5736", "CVE-2020-13401"], "modified": "2021-07-01T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2020-0082_DOCKER-CE.NASL", "href": "https://www.tenable.com/plugins/nessus/143962", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2020-0082. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143962);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/01\");\n\n script_cve_id(\n \"CVE-2017-14992\",\n \"CVE-2017-16539\",\n \"CVE-2017-18367\",\n \"CVE-2018-10892\",\n \"CVE-2018-15664\",\n \"CVE-2018-20699\",\n \"CVE-2019-5736\",\n \"CVE-2019-13139\",\n \"CVE-2019-13509\",\n \"CVE-2020-13401\"\n );\n script_bugtraq_id(\n 106539,\n 106976,\n 108507,\n 109253\n );\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : docker-ce Multiple Vulnerabilities (NS-SA-2020-0082)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has docker-ce packages installed that are affected\nby multiple vulnerabilities:\n\n - Lack of content verification in Docker-CE (Also known as Moby) versions 1.12.6-0, 1.10.3, 17.03.0,\n 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a\n Denial of Service via a crafted image layer payload, aka gzip bombing. (CVE-2017-14992)\n\n - The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block\n /proc/scsi pathnames, which allows attackers to trigger data loss (when certain older Linux kernels are\n used) by leveraging Docker container access to write a scsi remove-single-device line to\n /proc/scsi/scsi, aka SCSI MICDROP. (CVE-2017-16539)\n\n - libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than\n ANDing them. A process running under a restrictive seccomp filter that specified multiple syscall\n arguments could bypass intended access restrictions by specifying a single matching argument.\n (CVE-2017-18367)\n\n - The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block\n /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling\n bluetooth or turning up/down keyboard brightness. (CVE-2018-10892)\n\n - In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a\n symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host\n filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen\n filesystem (or from within a chroot). (CVE-2018-15664)\n\n - Docker Engine before 18.09 allows attackers to cause a denial of service (dockerd memory consumption) via\n a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemon_unix.go,\n pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go. (CVE-2018-20699)\n\n - In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the\n docker build command would be able to gain command execution. An issue exists in the way docker build\n processes remote git URLs, and results in command injection into the underlying git clone command,\n leading to code execution in the context of the user executing the docker build command. This occurs\n because git ref can be misinterpreted as a flag. (CVE-2019-13139)\n\n - In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before\n 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a\n scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It\n potentially applies to other API users of the stack API if they resend the secret. (CVE-2019-13509)\n\n - runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite\n the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a\n command as root within one of these types of containers: (1) a new container with an attacker-controlled\n image, or (2) an existing container, to which the attacker previously had write access, that can be\n attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.\n (CVE-2019-5736)\n\n - An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW\n capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain\n sensitive information, or cause a denial of service. (CVE-2020-13401)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2020-0082\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL docker-ce packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-5736\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Docker Container Escape Via runC Overwrite');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL CORE 5.04': [\n 'docker-ce-17.03.3-1.el7.2007201247git969117f',\n 'docker-ce-debuginfo-17.03.3-1.el7.2007201247git969117f'\n ],\n 'CGSL MAIN 5.04': [\n 'docker-ce-17.03.3-1.el7.2007201247git969117f',\n 'docker-ce-debuginfo-17.03.3-1.el7.2007201247git969117f'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'docker-ce');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:10:25", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has docker-ce packages installed that are affected by multiple vulnerabilities:\n\n - Lack of content verification in Docker-CE (Also known as Moby) versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing. (CVE-2017-14992)\n\n - The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss (when certain older Linux kernels are used) by leveraging Docker container access to write a scsi remove-single-device line to /proc/scsi/scsi, aka SCSI MICDROP. (CVE-2017-16539)\n\n - libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than ANDing them. A process running under a restrictive seccomp filter that specified multiple syscall arguments could bypass intended access restrictions by specifying a single matching argument.\n (CVE-2017-18367)\n\n - The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling bluetooth or turning up/down keyboard brightness. (CVE-2018-10892)\n\n - In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot). (CVE-2018-15664)\n\n - Docker Engine before 18.09 allows attackers to cause a denial of service (dockerd memory consumption) via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemon_unix.go, pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go. (CVE-2018-20699)\n\n - In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the docker build command would be able to gain command execution. An issue exists in the way docker build processes remote git URLs, and results in command injection into the underlying git clone command, leading to code execution in the context of the user executing the docker build command. This occurs because git ref can be misinterpreted as a flag. (CVE-2019-13139)\n\n - In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret. (CVE-2019-13509)\n\n - runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.\n (CVE-2019-5736)\n\n - An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service. (CVE-2020-13401)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.6, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}, "published": "2021-10-27T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : docker-ce Multiple Vulnerabilities (NS-SA-2021-0138)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-14992", "CVE-2017-16539", "CVE-2017-18367", "CVE-2018-10892", "CVE-2018-15664", "CVE-2018-20699", "CVE-2019-13139", "CVE-2019-13509", "CVE-2019-5736", "CVE-2020-13401"], "modified": "2021-10-28T00:00:00", "cpe": ["p-cpe:/a:zte:cgsl_core:docker-ce", "p-cpe:/a:zte:cgsl_core:docker-ce-debuginfo", "p-cpe:/a:zte:cgsl_main:docker-ce", "p-cpe:/a:zte:cgsl_main:docker-ce-debuginfo", "cpe:/o:zte:cgsl_core:5", "cpe:/o:zte:cgsl_main:5"], "id": "NEWSTART_CGSL_NS-SA-2021-0138_DOCKER-CE.NASL", "href": "https://www.tenable.com/plugins/nessus/154519", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2021-0138. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154519);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/28\");\n\n script_cve_id(\n \"CVE-2017-14992\",\n \"CVE-2017-16539\",\n \"CVE-2017-18367\",\n \"CVE-2018-10892\",\n \"CVE-2018-15664\",\n \"CVE-2018-20699\",\n \"CVE-2019-5736\",\n \"CVE-2019-13139\",\n \"CVE-2019-13509\",\n \"CVE-2020-13401\"\n );\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : docker-ce Multiple Vulnerabilities (NS-SA-2021-0138)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NewStart CGSL host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has docker-ce packages installed that are affected\nby multiple vulnerabilities:\n\n - Lack of content verification in Docker-CE (Also known as Moby) versions 1.12.6-0, 1.10.3, 17.03.0,\n 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a\n Denial of Service via a crafted image layer payload, aka gzip bombing. (CVE-2017-14992)\n\n - The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block\n /proc/scsi pathnames, which allows attackers to trigger data loss (when certain older Linux kernels are\n used) by leveraging Docker container access to write a scsi remove-single-device line to\n /proc/scsi/scsi, aka SCSI MICDROP. (CVE-2017-16539)\n\n - libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than\n ANDing them. A process running under a restrictive seccomp filter that specified multiple syscall\n arguments could bypass intended access restrictions by specifying a single matching argument.\n (CVE-2017-18367)\n\n - The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block\n /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling\n bluetooth or turning up/down keyboard brightness. (CVE-2018-10892)\n\n - In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a\n symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host\n filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen\n filesystem (or from within a chroot). (CVE-2018-15664)\n\n - Docker Engine before 18.09 allows attackers to cause a denial of service (dockerd memory consumption) via\n a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemon_unix.go,\n pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go. (CVE-2018-20699)\n\n - In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the\n docker build command would be able to gain command execution. An issue exists in the way docker build\n processes remote git URLs, and results in command injection into the underlying git clone command,\n leading to code execution in the context of the user executing the docker build command. This occurs\n because git ref can be misinterpreted as a flag. (CVE-2019-13139)\n\n - In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before\n 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a\n scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It\n potentially applies to other API users of the stack API if they resend the secret. (CVE-2019-13509)\n\n - runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite\n the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a\n command as root within one of these types of containers: (1) a new container with an attacker-controlled\n image, or (2) an existing container, to which the attacker previously had write access, that can be\n attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.\n (CVE-2019-5736)\n\n - An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW\n capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain\n sensitive information, or cause a denial of service. (CVE-2020-13401)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2021-0138\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2017-14992\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2017-16539\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2017-18367\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-10892\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-15664\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2018-20699\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-13139\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-13509\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-5736\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2020-13401\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL docker-ce packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-5736\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Docker Container Escape Via runC Overwrite');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:docker-ce\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:docker-ce-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:docker-ce\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:docker-ce-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_core:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_main:5\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nvar flag = 0;\n\nvar pkgs = {\n 'CGSL CORE 5.05': [\n 'docker-ce-17.03.3-1.el7.2009070756git3409267',\n 'docker-ce-debuginfo-17.03.3-1.el7.2009070756git3409267'\n ],\n 'CGSL MAIN 5.05': [\n 'docker-ce-17.03.3-1.el7.2009070756git3409267',\n 'docker-ce-debuginfo-17.03.3-1.el7.2009070756git3409267'\n ]\n};\nvar pkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'docker-ce');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:35:39", "description": "The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from\n1.11 to current does not block /proc/acpi pathnames. The flaw allows an\nattacker to modify host's hardware like enabling/disabling bluetooth or\nturning up/down keyboard brightness.\n\n#### Bugs\n\n * <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908057>\n * <https://bugzilla.redhat.com/show_bug.cgi?id=1598581>\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2018-07-06T00:00:00", "type": "ubuntucve", "title": "CVE-2018-10892", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10892"], "modified": "2018-07-06T00:00:00", "id": "UB:CVE-2018-10892", "href": "https://ubuntu.com/security/CVE-2018-10892", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "redhat": [{"lastseen": "2021-10-19T20:38:33", "description": "Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere.\n\nSecurity Fix(es):\n\n* docker: container breakout without selinux in enforcing mode (CVE-2018-10892)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nThis issue was discovered by Antonio Murdaca (Red Hat).\n\nBug Fix(es):\n\n* Previously, the `dontaudit` and `allow` SELinux rules were missing, so the kernel raised a SELinux AVC message. Consequently, some commands did not work as expected. This update adds the missing rules, and the commands now run successfully. (BZ#1550967)\n\n* Previously, during a restart the container daemon did not restore the state of a container correctly if an exec'ed process was associated with the container. Consequently, the container daemon aborted with 'panic: close of nil channel' when the daemon was handling the termination of the exec'ed process. This bug has been fixed, and the container daemon no longer panics in the aforementioned scenario. (BZ#1554121)\n\n* Previously, bind mounts were resolved before using them inside a container. Consequently, symlinks could not be mounted inside of the container. With this update, the source of a bind mount is not resolved. As a result, it is possible to bind mount symlinks again into a container. (BZ#1603201)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 5.3, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 1.4}, "published": "2018-08-16T15:44:23", "type": "redhat", "title": "(RHSA-2018:2482) Moderate: docker security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10892"], "modified": "2018-08-16T15:50:33", "id": "RHSA-2018:2482", "href": "https://access.redhat.com/errata/RHSA-2018:2482", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-19T20:39:47", "description": "Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud running on commonly available physical hardware.\n\nSecurity Fix(es):\n\n* openstack-rabbitmq-container: Insecure download of rabbitmq_clusterer during docker build (CVE-2018-14620)\n\nFor more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section.\n\nThe Red Hat OpenStack Platform container images have been updated to address security advisory/ies: RHSA-2018:2439, RHSA-2018:2482, RHSA-2018:2557.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2018-09-19T17:36:53", "type": "redhat", "title": "(RHSA-2018:2729) Moderate: Red Hat Enterprise Linux OpenStack Platform security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-10268", "CVE-2017-10378", "CVE-2017-10379", "CVE-2017-10384", "CVE-2017-3636", "CVE-2017-3641", "CVE-2017-3651", "CVE-2017-3653", "CVE-2018-10892", "CVE-2018-10915", "CVE-2018-14620", "CVE-2018-2562", "CVE-2018-2622", "CVE-2018-2640", "CVE-2018-2665", "CVE-2018-2668", "CVE-2018-2755", "CVE-2018-2761", "CVE-2018-2767", "CVE-2018-2771", "CVE-2018-2781", "CVE-2018-2813", "CVE-2018-2817", "CVE-2018-2819"], "modified": "2018-09-19T18:06:29", "id": "RHSA-2018:2729", "href": "https://access.redhat.com/errata/RHSA-2018:2729", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhatcve": [{"lastseen": "2022-06-08T05:17:43", "description": "The default OCI Linux spec in oci/defaults{_linux}.go in Docker/Moby, from 1.11 to current, does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling Bluetooth or turning up/down keyboard brightness.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-01-03T09:30:56", "type": "redhatcve", "title": "CVE-2018-10892", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10892"], "modified": "2022-06-08T04:44:21", "id": "RH:CVE-2018-10892", "href": "https://access.redhat.com/security/cve/cve-2018-10892", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "ibm": [{"lastseen": "2022-06-28T22:07:34", "description": "## Summary\n\nUsers of IBM Cloud Private and the IBM Cloud Automation Manager component could be affected by a vulnerability in Docker\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2018-10892](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10892>) \n**DESCRIPTION:** Docker could allow a local attacker to bypass security restrictions, caused by the failure to block /proc/acpi pathnames by the default OCI linux spec in oci/defaults{_linux}.go. An attacker could exploit this vulnerability to modify host's hardware like enabling/disabling bluetooth or turning up/down keyboard brightness. \nCVSS Base Score: 4.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147374> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\nIBM Cloud Private 2.1.0.x and 3.1.0\n\n## Remediation/Fixes\n\nUpgrade Docker to version 18.03.1 or higher.\n\n**Docker upgrade instructions for IBM Cloud Private: **\n\nUbuntu: <https://docs.docker.com/install/linux/docker-ce/ubuntu/>\n\nRHEL: <https://docs.docker.com/install/linux/docker-ce/centos/>\n\n**Docker upgrade instructions for IBM Cloud Automation Manager component are below:**\n\nIBM Cloud Automation Manager Content Runtime deployment installs either Docker CE or Docker EE on the Content Runtime virtual machine based on user selection. Docker CE is installed either using Docker provided convenience scripts or using the installation binary provided by the user. Docker EE is installed using the Docker EE repository URL provided by the user or the installation binary provided by the user. \n\nTo fix this vulnerability, you need to upgrade the Docker Engine to 18.03.1 or 18.06.1. Do not upgrade to 18.09 or higher as the devicemapper storage driver that is used by your content runtime deployment is deprecated in 18.09. Follow these steps to upgrade the Docker Engine installed on your Content Runtime virtual machine. \n\nIf you are using Docker Universal Control Plane or Docker Trusted Registry you will not be able to upgrade to 18.x. Refer to release notes provided in <https://docs.docker.com/release-notes/docker-ce/> and <https://docs.docker.com/ee/engine/release-notes/> for more information. Also refer to <https://docs.docker.com/ee/upgrade/> for general information on Docker EE upgrades.\n\n**Before you upgrade the Docker Engine:**\n\n1\\. Verify the docker engine version that is running on your Content Runtime Virtual Machine. If the version that is running is lower than 18.03.1, then you need to upgrade.\n\n2\\. Make sure you have no middleware content template deployments or destructions or deletes in \u201cProgress\u201d state. If there are, then wait for them to complete before your start your upgrade.\n\n3\\. Execute the following command to bring down the pattern manager and software repository containers on the Content Runtime Virtual Machine. \n\ncd /root/advanced-content-runtime\n\ndocker-compose -f docker-compose.yml down\n\n**Upgrade Docker CE on Ubuntu**\n\n1\\. Execute the following command to update the apt packages \n\nsudo apt-get update\n\n2\\. List the versions available in your repo. Verify if the version you need is in the list. \n\nsudo apt-cache madison docker-ce\n\n3\\. Install a specific version by its fully qualified package name\n \n \n sudo apt-get install docker-ce=<VERSION>\n\nWhere version is the second column from output of the step 3\n \n \n \n Example: sudo apt-get install docker-ce=18.06.1~ce~3-0~ubuntu\n \n \n\n4\\. Verify the docker version using the following command \n \n \n \n sudo docker version\n \n 5. Restart the containers using the following command \n\ncd /root/advanced-content-runtime\n\ndocker-compose -f docker-compose.yml up -d\n\n6\\. Verify if the containers are started by executing the following command.\n\nsudo docker ps\n\nFor more details on install and upgrade of Docker CE on Ubuntu refer to https://docs.docker.com/install/linux/docker-ce/ubuntu/\n\n**Upgrade Docker EE on Ubuntu**\n\n1\\. Execute the following command to set up the repository for Docker Engine 18.03\n \n \n \n sudo add-apt-repository \"deb [arch=amd64] <YOUR_DOCKER_EE_REPO_URL>/ubuntu <YOUR_UBUNTU_VERSION> stable-18.03\"\n \n \n \n \n Example: sudo add-apt-repository \"deb [arch=amd64] [https://storebits.docker.com/ee/trial/sub-xxx-xxx-xxx-xxx-xxx/ubuntu xenial stable-18.03](<https://storebits.docker.com/ee/trial/sub-xxx-xxx-xxx-xxx-xxx/ubuntu%20xenial%20stable-18.03>)\"\n \n 2. Execute the following command to update the apt packages\n \n \n \n \n sudo apt-get update\n \n 3. List the versions available in your repo. Verify if the version you need is in the list.\n \n \n \n \n sudo apt-cache madison docker-ee\n \n 4. Install a specific version by its fully qualified package name\n \n \n sudo apt-get install docker-ee=<VERSION>\n\nWhere version is the second column from output of the step 3\n \n \n \u00a0\u00a0 \n \n \n Example: sudo apt-get install docker-ee=3:18.03.1~ee~3~3-0~ubuntu\n \n 5. Verify the docker version using the following command \n \n \n \n \n sudo docker version\n \n 6. Restart the containers using the following command \n\ncd /root/advanced-content-runtime\n\ndocker-compose -f docker-compose.yml up -d\n\n7\\. Verify if the containers are started by executing the following command.\n\nsudo docker ps\n \n \n For more details on install and upgrade of Docker EE on Ubuntu refer to https://docs.docker.com/install/linux/docker-ee/ubuntu/\n \n \n \n \n \u00a0\n\n**Upgrade Docker EE on Red Hat Linux**\n\n1\\. Execute the following command to set up the repository for Docker Engine 18.03\n \n \n \n \u00a0\n \n \n sudo yum-config-manager --enable docker-ee-stable-18.03\n \n \n \n \u00a0\n 2. List the versions available in your repository. Verify if the version you need is in the list. \n \n \n \n sudo yum list docker-ee --showduplicates | sort -r\n \n 3. Install the latest docker engine\n \n \n \n \n sudo yum -y install docker-ee\n \n 4. Verify the docker version using the following command \n \n \n \n \n sudo docker version\n \n 5. Restart the containers using the following command \n\ncd /root/advanced-content-runtime\n\ndocker-compose -f docker-compose.yml up -d\n\n6\\. Verify if the containers are started by executing the following command.\n\nsudo docker ps\n \n \n \n \u00a0\n \n \n For more details on install and upgrade of Docker EE on Red Hat Linux refer to \n https://docs.docker.com/install/linux/docker-ee/rhel/\n \n \n \n \n \u00a0\n \n \n **Upgrade Docker installed using binary files**\n \n \n \n \n If you installed Docker on Content Runtime virtual machine using the Docker Installation file option during Content \n Runtime deployment, then you need to download the debian or rpm package from Docker and upgrade the package. \n \n \n \n \n For more information, depending on your operating system and Docker Engine Edition, refer to Upgrade section in \n one of the following link\n \n \n \n \n <https://docs.docker.com/install/linux/docker-ce/ubuntu/#install-from-a-package>, \n <https://docs.docker.com/install/linux/docker-ee/rhel/#install-with-a-package>, \n or <https://docs.docker.com/install/linux/docker-ee/ubuntu/#install-from-a-package> \n \n \n \n \n **For Red Hat execute the following steps**\n \n 1. Upgrade to new version using\n \n \n \n \n sudo yum -y upgrade <PATH_TO_UPGRADE_PACKAGE>\n \n 2. Verify the docker version using \n \n \n \n docker version\n \n 3. Restart the containers using the following command \n\ncd /root/advanced-content-runtime\n\ndocker-compose -f docker-compose.yml up -d\n\n4\\. Verify if the containers are started by executing the following command.\n\ndocker ps\n \n \n \n \u00a0\n \n \n \n **For Ubuntu execute the following steps**\n \n 1. Upgrade to new version using\n \n \n \n \n sudo dpkg -i <PATH_TO_UPGRADE_PACKAGE>\n \n 2. Verify the docker version using \n \n \n \n docker version\n \n \n\n3\\. Restart the containers using the following command \n\ncd /root/advanced-content-runtime\n\ndocker-compose -f docker-compose.yml up -d\n\n4\\. Verify if the containers are started by executing the following command.\n\ndocker ps\n \n \n \n \u00a0\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n14 November 2018 - original document published\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud & Data Platform\"},\"Product\":{\"code\":\"SSBS6K\",\"label\":\"IBM Cloud Private\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"2.1.0, 3.1.0\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-11-14T19:20:01", "type": "ibm", "title": "Security Bulletin: A Security Vulnerability could affect IBM\u00ae Cloud Private (CVE-2018-10892)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10892"], "modified": "2018-11-14T19:20:01", "id": "B8ED4D0C1C5D1E01AED72B188FB319FE4EB8FDB211DB044010433250C46EC4EF", "href": "https://www.ibm.com/support/pages/node/739839", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "cve": [{"lastseen": "2022-03-23T12:10:26", "description": "The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling bluetooth or turning up/down keyboard brightness.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2018-07-06T16:29:00", "type": "cve", "title": "CVE-2018-10892", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10892"], "modified": "2020-08-31T15:49:00", "cpe": ["cpe:/a:docker:docker:18.03.1", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/a:mobyproject:moby:17.03.2", "cpe:/o:opensuse:leap:15.1", "cpe:/a:redhat:openstack:12", "cpe:/o:redhat:enterprise_linux:7.0", "cpe:/o:opensuse:leap:15.0"], "id": "CVE-2018-10892", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10892", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:docker:docker:18.03.1:*:*:*:community_edition:*:*:*", "cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*", "cpe:2.3:a:docker:docker:18.03.1:*:*:*:enterprise_edition:*:*:*", "cpe:2.3:a:mobyproject:moby:17.03.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"]}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Updated docker packages fix security vulnerabilities: Lack of content verification in docker allowed a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing (CVE-2017-14992). The DefaultLinuxSpec function in oci/defaults.go docker did not block /proc/scsi pathnames, which allowed attackers to trigger data loss (when certain older Linux kernels are used) by leveraging Docker container access to write a \"scsi remove-single-device\" line to /proc/scsi/scsi, aka SCSI MICDROP (CVE-2017-16539). Container breakout without selinux in enforcing mode (CVE-2018-10892). The docker package has been updated to version 18.06.1 to fix these issues and other bugs. Also, the golang package was updated to version 1.11.1 to be able to build the update docker software. Additionally, the docker-containerd and opencontainers-runc packages have been updated to work with the updated docker package. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-10-19T18:00:37", "type": "mageia", "title": "Updated docker packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-14992", "CVE-2017-16539", "CVE-2018-10892"], "modified": "2018-10-19T18:00:37", "id": "MGASA-2018-0398", "href": "https://advisories.mageia.org/MGASA-2018-0398.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "citrix": [{"lastseen": "2020-12-24T11:42:53", "description": "<section class=\"article-content\" data-swapid=\"ArticleContent\">\n<div class=\"content-block\" data-swapid=\"ContentBlock\"><div>\n<div>\n\n<h2 id=\"DescriptionofProblem\"> Description of Problem</h2>\n\n<div>\n<div>\n<div>\n<p>A number of security vulnerabilities have been identified in Citrix XenServer that may allow malicious code running in a PV guest VM to compromise the host and malicious privileged code running in an HVM guest VM to crash the host.</p>\n<p>These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServer 7.4.</p>\n<p>The following vulnerabilities have been addressed:</p>\n<p>CVE-2017-5754: (High) Rogue data cache load, memory access permission check performed after kernel memory read</p>\n<p>CVE-2018-10982: (Medium) x86: vHPET interrupt injection errors</p>\n<p>CVE-2018-8897: (High) x86: mishandling of debug exceptions</p>\n</div>\n</div>\n</div>\n\n<hr/>\n</div>\n<div>\n\n<h2 id=\"MitigatingFactors\"> Mitigating Factors</h2>\n\n<div>\n<div>\n<div>\n<p>Customers with only HVM guest VMs with no untrustworthy privileged code running have mitigated these issues. Note that all Windows VMs are HVM guest VMs.</p>\n</div>\n</div>\n</div>\n\n<hr/>\n</div>\n<div>\n\n<h2 id=\"WhatCustomersShouldDo\"> What Customers Should Do</h2>\n\n<div>\n<div>\n<div>\n<p>Hotfixes have been released to address these issues. Citrix strongly recommends that affected customers install these hotfixes as soon as possible. The hotfixes can be downloaded from the following locations:</p>\n<p>Citrix XenServer 7.4: CTX234440 \u2013 <a href=\"https://support.citrix.com/article/CTX234440\">https://support.citrix.com/article/CTX234440</a> </p>\n<p>Citrix XenServer 7.3: CTX234439 \u2013 <a href=\"https://support.citrix.com/article/CTX234439\">https://support.citrix.com/article/CTX234439</a> </p>\n<p>Citrix XenServer 7.1 LTSR CU1: CTX234437 \u2013 <a href=\"https://support.citrix.com/article/CTX234437\">https://support.citrix.com/article/CTX234437</a> </p>\n<p>Citrix XenServer 7.0: CTX234436 \u2013 <a href=\"https://support.citrix.com/article/CTX234436\">https://support.citrix.com/article/CTX234436</a> </p>\n<p>Citrix XenServer 6.5 SP1: CTX234435 \u2013 <a href=\"https://support.citrix.com/article/CTX234435\">https://support.citrix.com/article/CTX234435</a> </p>\n<p>Citrix XenServer 6.2 SP1: CTX234434 \u2013 <a href=\"https://support.citrix.com/article/CTX234434\">https://support.citrix.com/article/CTX234434</a> </p>\n<p>Citrix XenServer 6.0.2 Common Criteria: CTX234433 \u2013 <a href=\"https://support.citrix.com/article/CTX234433\">https://support.citrix.com/article/CTX234433</a> </p>\n<p>In addition, following the publication of CVE-2017-5754, Citrix committed to provide mitigations for this issue for the Citrix XenServer 7.2 release which is now End of Life. A hotfix for this release is available at Citrix XenServer 7.2: CTX234438 \u2013 <a href=\"https://support.citrix.com/article/CTX234438\">https://support.citrix.com/article/CTX234438</a> </p>\n<p>Note that, in line with previous statements, the hotfixes for the 6.x versions of Citrix XenServer do not include mitigations for CVE-2017-5754.</p>\n</div>\n</div>\n</div>\n\n<hr/>\n</div>\n<div>\n\n<h2 id=\"WhatCitrixIsDoing\"> What Citrix Is Doing</h2>\n\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at <u> <a href=\"http://support.citrix.com/\">http://support.citrix.com/</a></u>.</p>\n</div>\n</div>\n</div>\n</div>\n</div>\n\n<hr/>\n</div>\n<div>\n\n<h2 id=\"ObtainingSupportonThisIssue\"> Obtaining Support on This Issue</h2>\n\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at <u> <a href=\"https://www.citrix.com/support/open-a-support-case.html\">https://www.citrix.com/support/open-a-support-case.html</a></u>. </p>\n</div>\n</div>\n</div>\n</div>\n</div>\n\n<hr/>\n</div>\n<div>\n\n<h2 id=\"ReportingSecurityVulnerabilities\"> Reporting Security Vulnerabilities</h2>\n\n<div>\n<div>\n<div>\n<div>\n<div>\n<p>Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For guidance on how to report security-related issues to Citrix, please see the following document: CTX081743 \u2013 <a href=\"http://support.citrix.com/article/CTX081743\">Reporting Security Issues to Citrix</a></p>\n</div>\n</div>\n</div>\n</div>\n</div>\n\n<hr/>\n</div>\n<div>\n\n<h2 id=\"Changelog\"> Changelog</h2>\n\n<div>\n<div>\n<div>\n<table border=\"1\" cellpadding=\"1\" cellspacing=\"0\" width=\"100%\">\n<tbody>\n<tr>\n<td>Date </td>\n<td>Change</td>\n</tr>\n<tr>\n<td>8th May 2018</td>\n<td>Initial Publication</td>\n</tr>\n<tr>\n<td>11th May 2018</td>\n<td>Updated missing CVE identifier CVE-2018-10892</td>\n</tr>\n</tbody>\n</table>\n</div>\n</div>\n</div>\n\n<hr/>\n</div>\n</div></div>\n</section>", "edition": 2, "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 6.0}, "published": "2018-05-08T04:00:00", "type": "citrix", "title": "Citrix XenServer Multiple Security Updates", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5754", "CVE-2018-10892", "CVE-2018-10982", "CVE-2018-8897"], "modified": "2018-05-11T04:00:00", "id": "CTX234679", "href": "https://support.citrix.com/article/CTX234679", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2022-06-30T18:26:43", "description": "An update that solves four vulnerabilities and has three\n fixes is now available.\n\nDescription:\n\n This update for containerd, docker, docker-runc,\n golang-github-docker-libnetwork fixes the following issues:\n\n Docker:\n\n - CVE-2019-14271: Fixed a code injection if the nsswitch facility\n dynamically loaded a library inside a chroot (bsc#1143409).\n - CVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160).\n - Update to version 19.03.1-ce, see changelog at\n /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413, bsc#1139649).\n\n runc:\n\n - Use %config(noreplace) for /etc/docker/daemon.json (bsc#1138920).\n - Update to runc 425e105d5a03, which is required by Docker (bsc#1139649).\n\n containerd:\n\n - CVE-2019-5736: Fixed a container breakout vulnerability (bsc#1121967).\n - Update to containerd v1.2.6, which is required by docker (bsc#1139649).\n\n golang-github-docker-libnetwork:\n\n - Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is\n required by docker (bsc#1142413, bsc#1139649).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2021=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2021=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-29T00:00:00", "type": "suse", "title": "Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10892", "CVE-2019-13509", "CVE-2019-14271", "CVE-2019-5736"], "modified": "2019-08-29T00:00:00", "id": "OPENSUSE-SU-2019:2021-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/22XH5BZGCHAOESP2KM3ZT4XHBXIVMEZK/", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}