Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.ALA_ALAS-2019-1201.NASL
HistoryMay 07, 2019 - 12:00 a.m.

Amazon Linux AMI : kernel (ALAS-2019-1201)

2019-05-0700:00:00
This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
40
JSON

A flaw was found in the Linux kernel’s implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_parse_conf_rsp and l2cap_parse_conf_req functions. An attacker with physical access within the range of standard Bluetooth transmission can create a specially crafted packet. The response to this specially crafted packet can contain part of the kernel stack which can be used in a further attack. (CVE-2019-3460)

A bypass was found for the Spectre v1 hardening in the eBPF engine of the Linux kernel. The code in the kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks. (CVE-2019-7308)

A flaw was found in the Linux kernels implementation of Logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack.
An attacker with physical access within the range of standard Bluetooth transmission can create a specially crafted packet. The response to this specially crafted packet can contain part of the kernel stack which can be used in a further attack. (CVE-2019-3459)

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1201.
#

include("compat.inc");

if (description)
{
  script_id(124654);
  script_version("1.3");
  script_cvs_date("Date: 2020/01/21");

  script_cve_id("CVE-2019-3459", "CVE-2019-3460", "CVE-2019-7308");
  script_xref(name:"ALAS", value:"2019-1201");

  script_name(english:"Amazon Linux AMI : kernel (ALAS-2019-1201)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Amazon Linux AMI host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A flaw was found in the Linux kernel's implementation of logical link
control and adaptation protocol (L2CAP), part of the Bluetooth stack
in the l2cap_parse_conf_rsp and l2cap_parse_conf_req functions. An
attacker with physical access within the range of standard Bluetooth
transmission can create a specially crafted packet. The response to
this specially crafted packet can contain part of the kernel stack
which can be used in a further attack. (CVE-2019-3460)

A bypass was found for the Spectre v1 hardening in the eBPF engine of
the Linux kernel. The code in the kernel/bpf/verifier.c performs
undesirable out-of-bounds speculation on pointer arithmetic in various
cases, including cases of different branches with different state or
limits to sanitize, leading to side-channel attacks. (CVE-2019-7308)

A flaw was found in the Linux kernels implementation of Logical link
control and adaptation protocol (L2CAP), part of the Bluetooth stack.
An attacker with physical access within the range of standard
Bluetooth transmission can create a specially crafted packet. The
response to this specially crafted packet can contain part of the
kernel stack which can be used in a further attack. (CVE-2019-3459)"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://alas.aws.amazon.com/ALAS-2019-1201.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Run 'yum update kernel' to update your system."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-7308");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:kernel-tools-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:perf-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/02/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/05/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/07");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Amazon Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
  if (os_ver == 'A') os_ver = 'AMI';
  audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}

if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (rpm_check(release:"ALA", reference:"kernel-4.14.114-82.97.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-debuginfo-4.14.114-82.97.amzn1")) flag++;
if (rpm_check(release:"ALA", cpu:"i686", reference:"kernel-debuginfo-common-i686-4.14.114-82.97.amzn1")) flag++;
if (rpm_check(release:"ALA", cpu:"x86_64", reference:"kernel-debuginfo-common-x86_64-4.14.114-82.97.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-devel-4.14.114-82.97.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-headers-4.14.114-82.97.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-tools-4.14.114-82.97.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-tools-debuginfo-4.14.114-82.97.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"kernel-tools-devel-4.14.114-82.97.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perf-4.14.114-82.97.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"perf-debuginfo-4.14.114-82.97.amzn1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc");
}
VendorProductVersionCPE
amazonlinuxkernelp-cpe:/a:amazon:linux:kernel
amazonlinuxkernel-debuginfop-cpe:/a:amazon:linux:kernel-debuginfo
amazonlinuxkernel-debuginfo-common-i686p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686
amazonlinuxkernel-debuginfo-common-x86_64p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64
amazonlinuxkernel-develp-cpe:/a:amazon:linux:kernel-devel
amazonlinuxkernel-headersp-cpe:/a:amazon:linux:kernel-headers
amazonlinuxkernel-toolsp-cpe:/a:amazon:linux:kernel-tools
amazonlinuxkernel-tools-debuginfop-cpe:/a:amazon:linux:kernel-tools-debuginfo
amazonlinuxkernel-tools-develp-cpe:/a:amazon:linux:kernel-tools-devel
amazonlinuxperfp-cpe:/a:amazon:linux:perf
Rows per page:
1-10 of 121

Related

amazon 3
nessus 50
openvas 60
fedora 29
ubuntucve 3
photon 3
f5 3
osv 4
redhatcve 3
prion 3
debiancve 3
cve 3
suse 4
veracode 2
cloudfoundry 2
ubuntu 8
redhat 5
mageia 2
debian 3
oraclelinux 3
slackware 1
centos 1
ibm 1
amazon
amazon
Important: kernel
2019-05-02 17:22:00
Important: kernel
2019-05-02 18:45:00
Important: kernel
2021-04-20 17:55:00
nessus
nessus
Amazon Linux 2 : kernel (ALAS-2019-1201)
2019-05-06 00:00:00
Fedora 29 : kernel / kernel-headers (2019-f812c9fb22)
2019-01-17 00:00:00
Fedora 28 : kernel / kernel-headers (2019-509c133845)
2019-01-17 00:00:00
openvas
openvas
Fedora Update for kernel-headers FEDORA-2019-509c133845
2019-01-17 00:00:00
Fedora Update for kernel FEDORA-2019-96b31a9602
2019-05-07 00:00:00
openSUSE: Security Advisory for the (openSUSE-SU-2019:0274-1)
2019-03-02 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: kernel-headers-4.19.15-300.fc29
2019-01-17 02:17:41
[SECURITY] Fedora 28 Update: kernel-headers-4.19.15-200.fc28
2019-01-17 01:43:05
[SECURITY] Fedora 29 Update: kernel-headers-4.20.6-200.fc29
2019-02-05 02:19:02
ubuntucve
ubuntucve
CVE-2019-7308
2019-02-01 00:00:00
CVE-2019-3460
2019-01-14 00:00:00
CVE-2019-3459
2019-01-14 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2019-0151
2019-04-11 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0224
2019-04-19 00:00:00
Critical Photon OS Security Update - PHSA-2019-0224
2019-04-19 00:00:00
f5
f5
K43030517 : Linux kernel BPF vulnerability CVE-2019-7308
2019-09-24 00:00:00
K85633044 : Linux kernel vulnerability CVE-2019-3459
2022-06-02 00:00:00
K15122200 : Linux kernel vulnerability CVE-2019-3460
2022-06-02 00:00:00
osv
osv
CVE-2019-3460
2019-04-11 16:29:02
CVE-2019-3459
2019-04-11 16:29:02
linux-4.9 - security update
2019-04-29 00:00:00
redhatcve
redhatcve
CVE-2019-7308
2020-04-08 22:16:34
CVE-2019-3460
2020-04-01 13:55:59
CVE-2019-3459
2020-04-01 13:55:54
prion
prion
Out-of-bounds
2019-02-01 22:29:00
Heap overflow
2019-04-11 16:29:00
Heap overflow
2019-04-11 16:29:00
debiancve
debiancve
CVE-2019-7308
2019-02-01 22:29:00
CVE-2019-3460
2019-04-11 16:29:00
CVE-2019-3459
2019-04-11 16:29:00
cve
cve
CVE-2019-7308
2019-02-01 22:29:00
CVE-2019-3459
2019-04-11 16:29:00
CVE-2019-3460
2019-04-11 16:29:00
suse
suse
Security update for the Linux Kernel (important)
2019-03-01 00:00:00
Security update for the Linux Kernel (important)
2019-02-18 00:00:00
Security update for the Linux Kernel (important)
2019-02-06 00:00:00
veracode
veracode
Information Disclosure
2019-08-08 00:07:21
Information Disclosure
2019-08-08 00:07:21
cloudfoundry
cloudfoundry
USN-3931-2: Linux kernel (HWE) vulnerabilities | Cloud Foundry
2019-04-12 00:00:00
USN-3932-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2019-04-12 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2019-04-02 00:00:00
Linux kernel (HWE) vulnerabilities
2019-04-02 00:00:00
Linux kernel vulnerabilities
2019-04-02 00:00:00
redhat
redhat
(RHSA-2020:0740) Important: kernel-alt security and bug fix update
2020-03-09 13:16:17
(RHSA-2019:3309) Important: kernel-rt security and bug fix update
2019-11-05 17:28:43
(RHSA-2019:2043) Important: kernel-rt security and bug fix update
2019-08-06 07:54:29
mageia
mageia
Updated kernel packages fixes security vulnerabilities
2019-05-12 23:58:05
Updated kernel-linus packages fixes security vulnerabilities
2019-05-16 11:25:22
debian
debian
[SECURITY] [DLA 1771-1] linux-4.9 security update
2019-05-03 10:07:46
[SECURITY] [DLA 1799-2] linux security update
2019-05-28 16:26:35
[SECURITY] [DLA 1799-1] linux security update
2019-05-28 15:39:04
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2019-06-04 00:00:00
kernel security, bug fix, and enhancement update
2019-11-14 00:00:00
kernel security, bug fix, and enhancement update
2019-08-13 00:00:00
slackware
slackware
[slackware-security] kernel
2019-06-18 22:33:08
centos
centos
bpftool, kernel, perf, python security update
2019-09-10 16:26:50
ibm
ibm
Security Bulletin: IBM QRadar SIEM is vulnerable to multiple Kernel vulnerabilities
2019-11-06 19:05:13
JSON
Related for ALA_ALAS-2019-1201.NASL
amazon3nessus50openvas60fedora29ubuntucve3photon3f53osv4redhatcve3prion3debiancve3cve3suse4veracode2cloudfoundry2ubuntu8redhat5mageia2debian3oraclelinux3slackware1centos1ibm1