Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.ALA_ALAS-2018-1133.NASL
HistoryDec 21, 2018 - 12:00 a.m.

Amazon Linux AMI : kernel (ALAS-2018-1133)

2018-12-2100:00:00
This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
47
JSON

A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.(CVE-2018-16862)

An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking.(CVE-2018-18710)

A NULL pointer dereference security flaw was found in the Linux kernel in the vcpu_scan_ioapic() function in arch/x86/kvm/x86.c. This allows local users with certain privileges to cause a denial of service via a crafted system call to the KVM subsystem.(CVE-2018-19407)

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2018-1133.
#

include("compat.inc");

if (description)
{
  script_id(119813);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/27");

  script_cve_id("CVE-2018-16862", "CVE-2018-18710", "CVE-2018-19407");
  script_xref(name:"ALAS", value:"2018-1133");

  script_name(english:"Amazon Linux AMI : kernel (ALAS-2018-1133)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Amazon Linux AMI host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A security flaw was found in the Linux kernel in a way that the
cleancache subsystem clears an inode after the final file truncation
(removal). The new file created with the same inode may contain
leftover pages from cleancache and the old file data instead of the
new one.(CVE-2018-16862)

An issue was discovered in the Linux kernel through 4.19. An
information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c
could be used by local attackers to read kernel memory because a cast
from unsigned long to int interferes with bounds
checking.(CVE-2018-18710)

A NULL pointer dereference security flaw was found in the Linux kernel
in the vcpu_scan_ioapic() function in arch/x86/kvm/x86.c. This allows
local users with certain privileges to cause a denial of service via a
crafted system call to the KVM subsystem.(CVE-2018-19407)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://alas.aws.amazon.com/ALAS-2018-1133.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Run 'yum update kernel' to update your system."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-18710");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perf-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2018/10/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/12/20");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/12/21");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Amazon Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (rpm_check(release:"ALA", reference:"kernel-4.14.88-72.73.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-debuginfo-4.14.88-72.73.amzn1")) flag++;
if (rpm_check(release:"ALA", cpu:"i686", reference:"kernel-debuginfo-common-i686-4.14.88-72.73.amzn1")) flag++;
if (rpm_check(release:"ALA", cpu:"x86_64", reference:"kernel-debuginfo-common-x86_64-4.14.88-72.73.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-devel-4.14.88-72.73.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-headers-4.14.88-72.73.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-tools-4.14.88-72.73.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-tools-debuginfo-4.14.88-72.73.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-tools-devel-4.14.88-72.73.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perf-4.14.88-72.73.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perf-debuginfo-4.14.88-72.73.amzn1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
  else security_note(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc");
}
VendorProductVersionCPE
amazonlinuxkernelp-cpe:/a:amazon:linux:kernel
amazonlinuxkernel-debuginfop-cpe:/a:amazon:linux:kernel-debuginfo
amazonlinuxkernel-debuginfo-common-i686p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686
amazonlinuxkernel-debuginfo-common-x86_64p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64
amazonlinuxkernel-develp-cpe:/a:amazon:linux:kernel-devel
amazonlinuxkernel-headersp-cpe:/a:amazon:linux:kernel-headers
amazonlinuxkernel-toolsp-cpe:/a:amazon:linux:kernel-tools
amazonlinuxkernel-tools-debuginfop-cpe:/a:amazon:linux:kernel-tools-debuginfo
amazonlinuxkernel-tools-develp-cpe:/a:amazon:linux:kernel-tools-devel
amazonlinuxperfp-cpe:/a:amazon:linux:perf
Rows per page:
1-10 of 121

Related

amazon 2
openvas 67
nessus 45
fedora 36
cloudfoundry 3
ubuntu 14
prion 3
redhatcve 3
cve 3
debiancve 3
ubuntucve 3
f5 2
ibm 1
suse 4
oraclelinux 4
photon 3
mageia 1
debian 1
osv 1
amazon
amazon
Medium: kernel
2018-12-20 00:02:00
Medium: kernel
2018-12-17 19:37:00
openvas
openvas
Fedora Update for kernel FEDORA-2018-87ba0312c2
2019-05-07 00:00:00
Fedora Update for kernel-tools FEDORA-2018-87ba0312c2
2019-05-07 00:00:00
Fedora Update for kernel-tools FEDORA-2018-3857a8b41a
2018-12-04 00:00:00
nessus
nessus
Amazon Linux 2 : kernel (ALAS-2018-1133)
2018-12-20 00:00:00
Fedora 28 : kernel / kernel-headers / kernel-tools (2018-3857a8b41a)
2019-01-03 00:00:00
Fedora 29 : kernel / kernel-headers / kernel-tools (2018-87ba0312c2)
2019-01-03 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: kernel-4.19.5-300.fc29
2018-12-01 20:43:23
[SECURITY] Fedora 28 Update: kernel-tools-4.19.5-200.fc28
2018-12-01 02:07:37
[SECURITY] Fedora 29 Update: kernel-tools-4.19.5-300.fc29
2018-12-01 20:43:25
cloudfoundry
cloudfoundry
USN-3879-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2019-02-15 00:00:00
USN-3848-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2019-01-24 00:00:00
USN-3847-2: Linux kernel (HWE) vulnerabilities | Cloud Foundry
2019-01-24 00:00:00
ubuntu
ubuntu
Linux kernel (Xenial HWE) vulnerabilities
2019-02-04 00:00:00
Linux kernel vulnerability
2018-12-20 00:00:00
Linux kernel vulnerabilities
2019-02-04 00:00:00
prion
prion
Null pointer dereference
2018-11-21 00:29:00
Design/Logic Flaw
2018-11-26 19:29:00
Design/Logic Flaw
2018-10-29 12:29:00
redhatcve
redhatcve
CVE-2018-19407
2020-04-02 13:54:27
CVE-2018-18710
2020-01-23 16:04:48
CVE-2018-16862
2020-04-04 05:44:54
cve
cve
CVE-2018-19407
2018-11-21 00:29:00
CVE-2018-16862
2018-11-26 19:29:00
CVE-2018-18710
2018-10-29 12:29:00
debiancve
debiancve
CVE-2018-19407
2018-11-21 00:29:00
CVE-2018-16862
2018-11-26 19:29:00
CVE-2018-18710
2018-10-29 12:29:00
ubuntucve
ubuntucve
CVE-2018-19407
2018-11-20 00:00:00
CVE-2018-16862
2018-11-26 00:00:00
CVE-2018-18710
2018-10-29 00:00:00
f5
f5
K93554290 : Linux kernel vulnerability CVE-2018-19407
2019-02-04 00:00:00
K11165942 : Linux kernel vulnerability CVE-2018-18710
2019-01-21 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in the Linux Kernel affect PowerKVM
2019-03-04 05:55:02
suse
suse
Security update for the Linux Kernel (important)
2019-02-06 00:00:00
Security update for the Linux Kernel (important)
2019-01-18 00:00:00
Security update for the Linux Kernel (important)
2018-11-07 21:11:37
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2018-11-28 00:00:00
Unbreakable Enterprise kernel security update
2019-03-12 00:00:00
Unbreakable Enterprise kernel security update
2019-01-15 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0198
2018-12-13 00:00:00
Important Photon OS Security Update - PHSA-2018-0198
2018-12-13 00:00:00
Important Photon OS Security Update - PHSA-2018-0113
2018-12-11 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2018-12-22 00:28:39
debian
debian
[SECURITY] [DLA 1715-1] linux-4.9 security update
2019-03-15 22:45:15
osv
osv
linux-4.9 - security update
2019-03-14 00:00:00
JSON
Related for ALA_ALAS-2018-1133.NASL
amazon2openvas67nessus45fedora36cloudfoundry3ubuntu14prion3redhatcve3cve3debiancve3ubuntucve3f52ibm1suse4oraclelinux4photon3mageia1debian1osv1