Lucene search
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.AL2_ALAS-2019-1279.NASLHistorySep 20, 2019 - 12:00 a.m.
Amazon Linux 2 : kernel (ALAS-2019-1279)
2019-09-2000:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
6.6 Medium
AI Score
Confidence
High
An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discover the location of kernel code and data and bypass kernel security protections such as KASLR. (CVE-2018-7755)
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1279.
#
include('compat.inc');
if (description)
{
script_id(129064);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/24");
script_cve_id("CVE-2018-7755");
script_xref(name:"ALAS", value:"2019-1279");
script_name(english:"Amazon Linux 2 : kernel (ALAS-2019-1279)");
script_set_attribute(attribute:"synopsis", value:
"The remote Amazon Linux 2 host is missing a security update.");
script_set_attribute(attribute:"description", value:
"An issue was discovered in the fd_locked_ioctl function in
drivers/block/floppy.c in the Linux kernel. The floppy driver will
copy a kernel pointer to user memory in response to the FDGETPRM
ioctl. An attacker can send the FDGETPRM ioctl and use the obtained
kernel pointer to discover the location of kernel code and data and
bypass kernel security protections such as KASLR. (CVE-2018-7755)");
script_set_attribute(attribute:"see_also", value:"https://alas.aws.amazon.com/AL2/ALAS-2019-1279.html");
script_set_attribute(attribute:"solution", value:
"Run 'yum update kernel' to update your system.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-7755");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/08");
script_set_attribute(attribute:"patch_publication_date", value:"2019/09/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/20");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python-perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:python-perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux:2");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Amazon Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "2")
{
if (os_ver == 'A') os_ver = 'AMI';
audit(AUDIT_OS_NOT, "Amazon Linux 2", "Amazon Linux " + os_ver);
}
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (rpm_check(release:"AL2", cpu:"x86_64", reference:"kernel-4.14.77-80.57.amzn2")) flag++;
if (rpm_check(release:"AL2", cpu:"x86_64", reference:"kernel-debuginfo-4.14.77-80.57.amzn2")) flag++;
if (rpm_check(release:"AL2", cpu:"x86_64", reference:"kernel-debuginfo-common-x86_64-4.14.77-80.57.amzn2")) flag++;
if (rpm_check(release:"AL2", cpu:"x86_64", reference:"kernel-devel-4.14.77-80.57.amzn2")) flag++;
if (rpm_check(release:"AL2", reference:"kernel-headers-4.14.77-80.57.amzn2")) flag++;
if (rpm_check(release:"AL2", cpu:"x86_64", reference:"kernel-tools-4.14.77-80.57.amzn2")) flag++;
if (rpm_check(release:"AL2", cpu:"x86_64", reference:"kernel-tools-debuginfo-4.14.77-80.57.amzn2")) flag++;
if (rpm_check(release:"AL2", cpu:"x86_64", reference:"kernel-tools-devel-4.14.77-80.57.amzn2")) flag++;
if (rpm_check(release:"AL2", cpu:"x86_64", reference:"perf-4.14.77-80.57.amzn2")) flag++;
if (rpm_check(release:"AL2", cpu:"x86_64", reference:"perf-debuginfo-4.14.77-80.57.amzn2")) flag++;
if (rpm_check(release:"AL2", cpu:"x86_64", reference:"python-perf-4.14.77-80.57.amzn2")) flag++;
if (rpm_check(release:"AL2", cpu:"x86_64", reference:"python-perf-debuginfo-4.14.77-80.57.amzn2")) flag++;
if (flag)
{
if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
else security_note(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-debuginfo / kernel-debuginfo-common-x86_64 / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| amazon | linux | kernel | p-cpe:/a:amazon:linux:kernel |
| amazon | linux | kernel-debuginfo | p-cpe:/a:amazon:linux:kernel-debuginfo |
| amazon | linux | kernel-debuginfo-common-x86_64 | p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64 |
| amazon | linux | kernel-devel | p-cpe:/a:amazon:linux:kernel-devel |
| amazon | linux | kernel-headers | p-cpe:/a:amazon:linux:kernel-headers |
| amazon | linux | kernel-tools | p-cpe:/a:amazon:linux:kernel-tools |
| amazon | linux | kernel-tools-debuginfo | p-cpe:/a:amazon:linux:kernel-tools-debuginfo |
| amazon | linux | kernel-tools-devel | p-cpe:/a:amazon:linux:kernel-tools-devel |
| amazon | linux | perf | p-cpe:/a:amazon:linux:perf |
| amazon | linux | perf-debuginfo | p-cpe:/a:amazon:linux:perf-debuginfo |
Related
prion
prion
Code injection
2018-03-08 07:29:00
redhatcve
redhatcve
CVE-2018-7755
2019-10-18 18:13:50
debiancve
debiancve
CVE-2018-7755
2018-03-08 07:29:00
nessus
nessus
Amazon Linux AMI : kernel (ALAS-2019-1279)
2019-09-19 00:00:00
Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3695-2)
2018-07-03 00:00:00
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-3695-1)
2018-07-03 00:00:00
veracode
veracode
Information Disclosure
2019-08-08 00:07:18
ubuntucve
ubuntucve
CVE-2018-7755
2018-03-08 00:00:00
cve
cve
CVE-2018-7755
2018-03-08 07:29:00
amazon
amazon
Low: kernel
2019-09-13 23:08:00
Low: kernel
2019-09-13 22:43:00
f5
f5
K03007515 : Linux kernel vulnerabilities CVE-2018-7755 and CVE-2019-14283
2022-05-19 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2018-10-27 12:45:46
Updated kernel-tmb packages fix security vulnerabilities
2018-10-27 12:45:46
Updated kernel-linus packages fix security vulnerabilities
2018-10-27 12:45:46
openvas
openvas
Ubuntu: Security Advisory (USN-3695-2)
2018-07-03 00:00:00
Mageia: Security Advisory (MGASA-2018-0417)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-3695-1)
2018-07-03 00:00:00
ubuntu
ubuntu
Linux kernel (HWE) vulnerabilities
2018-07-02 00:00:00
Linux kernel vulnerabilities
2018-07-02 00:00:00
Linux kernel (HWE) regression
2018-07-21 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2018-12-06 00:00:00
Unbreakable Enterprise kernel security update
2019-01-15 00:00:00
Unbreakable Enterprise kernel security update
2018-12-09 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2018-0044
2018-05-09 00:00:00
cloudfoundry
cloudfoundry
USN-3696-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2018-07-10 00:00:00
debian
debian
[SECURITY] [DSA 4308-1] linux security update
2018-10-01 15:21:20
[SECURITY] [DLA 1531-1] linux-4.9 security update
2018-10-03 23:59:07
[SECURITY] [DSA 4308-1] linux security update
2018-10-01 15:21:20
osv
osv
linux - security update
2018-10-01 00:00:00
linux-4.9 - security update
2018-10-03 00:00:00
linux - security update
2018-10-03 00:00:00
redhat
redhat
(RHSA-2019:2029) Important: kernel security, bug fix, and enhancement update
2019-08-06 07:52:38
(RHSA-2019:2043) Important: kernel-rt security and bug fix update
2019-08-06 07:54:29
centos
centos
bpftool, kernel, perf, python security update
2019-09-10 16:26:50
suse
suse
Security update for the Linux Kernel (important)
2022-06-17 00:00:00
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2019-01-31 00:22:22
