Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DLA-2323.NASL
HistoryAug 13, 2020 - 12:00 a.m.

Debian DLA-2323-1 : linux-4.19 new package

2020-08-1300:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
33

7.9 High

AI Score

Confidence

High

JSON

Linux 4.19 has been packaged for Debian 9 as linux-4.19. This provides a supported upgrade path for systems that currently use kernel packages from the ‘stretch-backports’ suite.

There is no need to upgrade systems using Linux 4.9, as that kernel version will also continue to be supported in the LTS period.

This backport does not include the following binary packages :

hyperv-daemons libbpf-dev libbpf4.19 libcpupower-dev libcpupower1 liblockdep-dev liblockdep4.19 linux-compiler-gcc-6-arm linux-compiler-gcc-6-x86 linux-cpupower linux-libc-dev lockdep usbip

Older versions of most of those are built from the linux source package in Debian 9.

The kernel images and modules will not be signed for use on systems with Secure Boot enabled, as there is no support for this in Debian 9.

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or information leak.

CVE-2019-18814

Navid Emamdoost reported a potential use-after-free in the AppArmor security module, in the case that audit rule initialisation fails. The security impact of this is unclear.

CVE-2019-18885

The ‘bobfuzzer’ team discovered that crafted Btrfs volumes could trigger a crash (oops). An attacker able to mount such a volume could use this to cause a denial of service.

CVE-2019-20810

A potential memory leak was discovered in the go7007 media driver. The security impact of this is unclear.

CVE-2020-10766

Anthony Steinhauser reported a flaw in the mitigation for Speculative Store Bypass (CVE-2018-3639) on x86 CPUs. A local user could use this to temporarily disable SSB mitigation in other users’ tasks. If those other tasks run sandboxed code, this would allow that code to read sensitive information in the same process but outside the sandbox.

CVE-2020-10767

Anthony Steinhauser reported a flaw in the mitigation for Spectre variant 2 (CVE-2017-5715) on x86 CPUs. Depending on which other mitigations the CPU supports, the kernel might not use IBPB to mitigate Spectre variant 2 in user-space. A local user could use this to read sensitive information from other users’ processes.

CVE-2020-10768

Anthony Steinhauser reported a flaw in the mitigation for Spectre variant 2 (CVE-2017-5715) on x86 CPUs. After a task force- disabled indirect branch speculation through prctl(), it could still re-enable it later, so it was not possible to override a program that explicitly enabled it.

CVE-2020-12655

Zheng Bin reported that crafted XFS volumes could trigger a system hang. An attacker able to mount such a volume could use this to cause a denial of service.

CVE-2020-12771

Zhiqiang Liu reported a bug in the bcache block driver that could lead to a system hang. The security impact of this is unclear.

CVE-2020-13974

Kyungtae Kim reported a potential integer overflow in the vt (virtual terminal) driver. The security impact of this is unclear.

CVE-2020-15393

Kyungtae Kim reported a memory leak in the usbtest driver. The security impact of this is unclear.

For Debian 9 ‘Stretch’, these problems have been fixed in version 4.19.132-1~deb9u1. This update additionally fixes Debian bugs #958300, #960493, #962254, #963493, #964153, #964480, and #965365; and includes many more bug fixes from stable updates 4.19.119-4.19.132 inclusive.

We recommend that you upgrade your linux-4.19 packages.

For the detailed security status of linux-4.19 please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/linux-4.19

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DLA-2323-1. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('compat.inc');

if (description)
{
  script_id(139551);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/26");

  script_cve_id(
    "CVE-2019-18814",
    "CVE-2019-18885",
    "CVE-2019-20810",
    "CVE-2020-10766",
    "CVE-2020-10767",
    "CVE-2020-10768",
    "CVE-2020-12655",
    "CVE-2020-12771",
    "CVE-2020-13974",
    "CVE-2020-15393"
  );

  script_name(english:"Debian DLA-2323-1 : linux-4.19 new package");

  script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"Linux 4.19 has been packaged for Debian 9 as linux-4.19. This provides
a supported upgrade path for systems that currently use kernel
packages from the 'stretch-backports' suite.

There is no need to upgrade systems using Linux 4.9, as that kernel
version will also continue to be supported in the LTS period.

This backport does not include the following binary packages :

hyperv-daemons libbpf-dev libbpf4.19 libcpupower-dev libcpupower1
liblockdep-dev liblockdep4.19 linux-compiler-gcc-6-arm
linux-compiler-gcc-6-x86 linux-cpupower linux-libc-dev lockdep usbip

Older versions of most of those are built from the linux source
package in Debian 9.

The kernel images and modules will not be signed for use on systems
with Secure Boot enabled, as there is no support for this in Debian 9.

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or information leak.

CVE-2019-18814

Navid Emamdoost reported a potential use-after-free in the AppArmor
security module, in the case that audit rule initialisation fails. The
security impact of this is unclear.

CVE-2019-18885

The 'bobfuzzer' team discovered that crafted Btrfs volumes could
trigger a crash (oops). An attacker able to mount such a volume could
use this to cause a denial of service.

CVE-2019-20810

A potential memory leak was discovered in the go7007 media driver. The
security impact of this is unclear.

CVE-2020-10766

Anthony Steinhauser reported a flaw in the mitigation for Speculative
Store Bypass (CVE-2018-3639) on x86 CPUs. A local user could use this
to temporarily disable SSB mitigation in other users' tasks. If those
other tasks run sandboxed code, this would allow that code to read
sensitive information in the same process but outside the sandbox.

CVE-2020-10767

Anthony Steinhauser reported a flaw in the mitigation for Spectre
variant 2 (CVE-2017-5715) on x86 CPUs. Depending on which other
mitigations the CPU supports, the kernel might not use IBPB to
mitigate Spectre variant 2 in user-space. A local user could use this
to read sensitive information from other users' processes.

CVE-2020-10768

Anthony Steinhauser reported a flaw in the mitigation for Spectre
variant 2 (CVE-2017-5715) on x86 CPUs. After a task force- disabled
indirect branch speculation through prctl(), it could still re-enable
it later, so it was not possible to override a program that explicitly
enabled it.

CVE-2020-12655

Zheng Bin reported that crafted XFS volumes could trigger a system
hang. An attacker able to mount such a volume could use this to cause
a denial of service.

CVE-2020-12771

Zhiqiang Liu reported a bug in the bcache block driver that could lead
to a system hang. The security impact of this is unclear.

CVE-2020-13974

Kyungtae Kim reported a potential integer overflow in the vt (virtual
terminal) driver. The security impact of this is unclear.

CVE-2020-15393

Kyungtae Kim reported a memory leak in the usbtest driver. The
security impact of this is unclear.

For Debian 9 'Stretch', these problems have been fixed in version
4.19.132-1~deb9u1. This update additionally fixes Debian bugs #958300,
#960493, #962254, #963493, #964153, #964480, and #965365; and includes
many more bug fixes from stable updates 4.19.119-4.19.132 inclusive.

We recommend that you upgrade your linux-4.19 packages.

For the detailed security status of linux-4.19 please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/linux-4.19

NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues.");
  script_set_attribute(attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html");
  script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/stretch/linux-4.19");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/linux-4.19");
  script_set_attribute(attribute:"solution", value:
"Upgrade the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-18814");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/11/07");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/08/12");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/08/13");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-config-4.19");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-doc-4.19");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-686");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-686-pae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-all");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-all-amd64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-all-arm64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-all-armel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-all-armhf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-all-i386");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-amd64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-arm64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-armmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-armmp-lpae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-cloud-amd64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-common-rt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-marvell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-rpi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-rt-686-pae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-rt-amd64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-rt-arm64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-rt-armmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-686");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-686-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-686-pae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-686-pae-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-amd64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-amd64-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-arm64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-arm64-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-armmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-armmp-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-armmp-lpae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-armmp-lpae-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-cloud-amd64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-cloud-amd64-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-marvell");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-marvell-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-rpi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-rpi-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-rt-686-pae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-rt-686-pae-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-rt-amd64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-rt-amd64-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-rt-arm64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-rt-arm64-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-rt-armmp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-0.bpo.10-rt-armmp-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-kbuild-4.19");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-perf-4.19");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-source-4.19");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux-support-4.19.0-0.bpo.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Debian Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("debian_package.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);


flag = 0;
if (deb_check(release:"9.0", prefix:"linux-config-4.19", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-doc-4.19", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-686", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-686-pae", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-all", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-all-amd64", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-all-arm64", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-all-armel", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-all-armhf", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-all-i386", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-amd64", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-arm64", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-armmp", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-armmp-lpae", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-cloud-amd64", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-common", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-common-rt", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-marvell", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-rpi", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-rt-686-pae", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-rt-amd64", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-rt-arm64", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-headers-4.19.0-0.bpo.10-rt-armmp", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-686", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-686-dbg", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-686-pae", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-686-pae-dbg", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-amd64", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-amd64-dbg", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-arm64", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-arm64-dbg", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-armmp", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-armmp-dbg", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-armmp-lpae", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-armmp-lpae-dbg", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-cloud-amd64", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-cloud-amd64-dbg", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-marvell", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-marvell-dbg", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-rpi", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-rpi-dbg", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-rt-686-pae", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-rt-686-pae-dbg", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-rt-amd64", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-rt-amd64-dbg", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-rt-arm64", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-rt-arm64-dbg", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-rt-armmp", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-image-4.19.0-0.bpo.10-rt-armmp-dbg", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-kbuild-4.19", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-perf-4.19", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-source-4.19", reference:"4.19.132-1~deb9u1")) flag++;
if (deb_check(release:"9.0", prefix:"linux-support-4.19.0-0.bpo.10", reference:"4.19.132-1~deb9u1")) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
debiandebian_linuxlinux-config-4.19p-cpe:/a:debian:debian_linux:linux-config-4.19
debiandebian_linuxlinux-doc-4.19p-cpe:/a:debian:debian_linux:linux-doc-4.19
debiandebian_linuxlinux-headers-4.19.0-0.bpo.10-686p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-686
debiandebian_linuxlinux-headers-4.19.0-0.bpo.10-686-paep-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-686-pae
debiandebian_linuxlinux-headers-4.19.0-0.bpo.10-allp-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-all
debiandebian_linuxlinux-headers-4.19.0-0.bpo.10-all-amd64p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-all-amd64
debiandebian_linuxlinux-headers-4.19.0-0.bpo.10-all-arm64p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-all-arm64
debiandebian_linuxlinux-headers-4.19.0-0.bpo.10-all-armelp-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-all-armel
debiandebian_linuxlinux-headers-4.19.0-0.bpo.10-all-armhfp-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-all-armhf
debiandebian_linuxlinux-headers-4.19.0-0.bpo.10-all-i386p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-0.bpo.10-all-i386
Rows per page:
1-10 of 541

Related

openvas 36
osv 4
debian 1
nessus 46
attackerkb 1
photon 11
ubuntu 8
fedora 3
redhat 6
suse 4
amazon 3
mageia 1
aix 2
ibm 3
prion 10
f5 1
redhatcve 10
ubuntucve 10
debiancve 10
cve 10
githubexploit 1
cbl_mariner 8
veracode 7
checkpoint_advisories 1
hp 1
thn 1
openvas
openvas
Debian: Security Advisory (DLA-2323)
2020-08-17 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:1699-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:1693-1)
2021-04-19 00:00:00
osv
osv
linux-4.19 - new package
2020-08-12 00:00:00
Silent Spectre-BTB outages in Linux for Android
2021-01-01 00:00:00
Android Vomit Report
2021-10-01 00:00:00
debian
debian
[SECURITY] [DLA 2323-1] linux-4.19 new package
2020-08-12 16:33:21
nessus
nessus
SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1699-1)
2020-07-09 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1693-1)
2020-07-09 00:00:00
Photon OS 2.0: Linux PHSA-2020-2.0-0256
2020-07-07 00:00:00
attackerkb
attackerkb
CVE-2018-3639
2018-05-22 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0256
2020-06-27 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0305
2020-06-30 00:00:00
Important Photon OS Security Update - PHSA-2020-0108
2020-06-30 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2020-09-03 00:00:00
Linux kernel vulnerabilities
2020-09-03 00:00:00
linux kernel vulnerabilities
2020-08-23 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: kernel-5.6.19-300.fc32
2020-06-19 01:05:59
[SECURITY] Fedora 31 Update: kernel-5.6.19-200.fc31
2020-06-23 01:14:58
[SECURITY] Fedora 27 Update: qemu-2.10.1-4.fc27
2018-07-06 15:45:59
redhat
redhat
(RHSA-2020:3297) Important: kpatch-patch security update
2020-08-04 07:12:48
(RHSA-2020:3073) Important: kpatch-patch security update
2020-07-21 16:10:15
(RHSA-2018:1967) Important: kernel-alt security and bug fix update
2018-06-26 15:04:18
suse
suse
Security update for the Linux Kernel (important)
2020-07-26 00:00:00
Security update for the Linux Kernel (important)
2020-08-06 00:00:00
Security update for the Linux Kernel (important)
2020-07-07 00:00:00
amazon
amazon
Important: kernel
2020-07-21 16:34:00
Important: kernel
2020-07-21 16:34:00
Important: kernel
2020-07-14 21:14:00
mageia
mageia
Updated kernel packages fix security vulnerability
2020-08-18 21:47:25
aix
aix
IBM has released AIX and VIOS iFixes in response to Speculative Store Bypass (SSB) also known as Variant 4.,IBM has released AIX and VIOS iFixes in response to Speculative Store Bypass (SSB) also known as Variant 4.,IBM has released VIOS and VIOS iFixes in response to Speculative Store Bypass (SSB) also known as Variant 4.
2018-05-22 15:30:11
IBM has released AIX and VIOS iFixes in response to the vulnerabilities known as Spectre and Meltdown.,IBM has released VIOS and VIOS iFixes in response to the vulnerabilities known as Spectre and Meltdown.
2018-01-25 08:15:51
ibm
ibm
Security Bulletin: There are multiple vulnerabilities in the Linux Kernel used in IBM Elastic Storage System
2022-05-25 23:01:32
Security Bulletin: IBM i has released PTFs in response to the vulnerabilities known as Spectre and Meltdown.
2019-12-18 14:26:38
Security Bulletin: IBM has released updated AIX and VIOS fixes for CVE-2017-5715, known as Spectre, that are only applicable to some POWER9 systems.
2018-09-24 15:35:01
prion
prion
Design/Logic Flaw
2020-06-03 00:15:00
Double free
2019-11-07 16:15:00
Null pointer dereference
2019-11-14 14:15:00
f5
f5
K21561554 : Linux kernel vulnerability security/apparmor CVE-2019-18814
2019-11-25 00:00:00
redhatcve
redhatcve
CVE-2019-18814
2019-11-14 15:07:37
CVE-2019-18885
2019-11-22 17:47:05
CVE-2020-10766
2020-06-10 10:24:45
ubuntucve
ubuntucve
CVE-2019-18814
2019-11-07 00:00:00
CVE-2019-18885
2019-11-14 00:00:00
CVE-2020-10766
2020-06-10 00:00:00
debiancve
debiancve
CVE-2019-18814
2019-11-07 16:15:00
CVE-2019-18885
2019-11-14 14:15:00
CVE-2019-20810
2020-06-03 00:15:00
cve
cve
CVE-2019-18814
2019-11-07 16:15:00
CVE-2019-18885
2019-11-14 14:15:00
CVE-2020-12771
2020-05-09 21:15:00
githubexploit
githubexploit
Exploit for NULL Pointer Dereference in Linux Linux Kernel
2019-11-12 05:50:00
cbl_mariner
cbl_mariner
CVE-2019-20810 affecting package kernel 5.4.91-6
2021-03-03 03:44:27
CVE-2020-13974 affecting package kernel 5.4.91-6
2021-04-06 23:51:14
CVE-2020-12655 affecting package kernel 5.4.91-6
2021-04-06 23:51:14
veracode
veracode
Memory Leak
2020-09-21 06:39:05
Denial Of Service (DoS)
2020-09-21 06:40:27
Integer Overflow
2022-06-02 22:53:17
checkpoint_advisories
checkpoint_advisories
Meltdown/Spectre Multiple Browsers Speculative Execution (CVE-2017-5715; CVE-2017-5753; CVE-2017-5754; CVE-2018-3639)
2018-01-04 00:00:00
hp
hp
HPSBHF03573 rev. 15 - Side-Channel Analysis Method
2018-01-04 00:00:00
thn
thn
New Spectre (Variant 4) CPU Flaw Discovered—Intel, ARM, AMD Affected
2018-05-22 08:27:00

7.9 High

AI Score

Confidence

High

JSON
Related for DEBIAN_DLA-2323.NASL
openvas36osv4debian1nessus46attackerkb1photon11ubuntu8fedora3redhat6suse4amazon3mageia1aix2ibm3prion10f51redhatcve10ubuntucve10debiancve10cve10githubexploit1cbl_mariner8veracode7checkpoint_advisories1hp1thn1