Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2016-1026.NASL
HistoryMay 01, 2017 - 12:00 a.m.

EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1026)

2017-05-0100:00:00
This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
31
JSON

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  • It was found that the Linux kernel KVM subsystem’s sysenter instruction emulation was not sufficient. An unprivileged guest user could use this flaw to escalate their privileges by tricking the hypervisor to emulate a SYSENTER instruction in 16-bit mode, if the guest OS did not initialize the SYSENTER model-specific registers (MSRs). (CVE-2015-0239)

  • A flaw was found in the way the Linux kernel’s perf subsystem retrieved userlevel stack traces on PowerPC systems. A local, unprivileged user could use this flaw to cause a denial of service on the system by creating a special stack layout that would force the perf_callchain_user_64() function into an infinite loop.(CVE-2015-6526)

  • A flaw was found in the way the Linux kernel’s ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 certificate DER file to crash the system or, potentially, escalate their privileges on the system.(CVE-2016-0758)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(99789);
  script_version("1.16");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/04/19");

  script_cve_id(
    "CVE-2015-0239",
    "CVE-2015-6526",
    "CVE-2016-0758"
  );
  script_bugtraq_id(
    72842
  );

  script_name(english:"EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1026)");
  script_summary(english:"Checks the rpm output for the updated packages.");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the kernel packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :

  - It was found that the Linux kernel KVM subsystem's
    sysenter instruction emulation was not sufficient. An
    unprivileged guest user could use this flaw to escalate
    their privileges by tricking the hypervisor to emulate
    a SYSENTER instruction in 16-bit mode, if the guest OS
    did not initialize the SYSENTER model-specific
    registers (MSRs). (CVE-2015-0239)

  - A flaw was found in the way the Linux kernel's perf
    subsystem retrieved userlevel stack traces on PowerPC
    systems. A local, unprivileged user could use this flaw
    to cause a denial of service on the system by creating
    a special stack layout that would force the
    perf_callchain_user_64() function into an infinite
    loop.(CVE-2015-6526)

  - A flaw was found in the way the Linux kernel's ASN.1
    DER decoder processed certain certificate files with
    tags of indefinite length. A local, unprivileged user
    could use a specially crafted X.509 certificate DER
    file to crash the system or, potentially, escalate
    their privileges on the system.(CVE-2016-0758)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1026
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?60158ba3");
  script_set_attribute(attribute:"solution", value:
"Update the affected kernel packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"patch_publication_date", value:"2016/07/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/01");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-debuginfo-common-x86_64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:perf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python-perf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");

sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(1)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP1");

uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP1", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

flag = 0;

pkgs = ["kernel-3.10.0-229.30.1.73",
        "kernel-debug-3.10.0-229.30.1.73",
        "kernel-debuginfo-3.10.0-229.30.1.73",
        "kernel-debuginfo-common-x86_64-3.10.0-229.30.1.73",
        "kernel-devel-3.10.0-229.30.1.73",
        "kernel-headers-3.10.0-229.30.1.73",
        "kernel-tools-3.10.0-229.30.1.73",
        "kernel-tools-libs-3.10.0-229.30.1.73",
        "perf-3.10.0-229.30.1.73",
        "python-perf-3.10.0-229.30.1.73"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"1", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
VendorProductVersionCPE
huaweieuleroskernelp-cpe:/a:huawei:euleros:kernel
huaweieuleroskernel-debugp-cpe:/a:huawei:euleros:kernel-debug
huaweieuleroskernel-debuginfop-cpe:/a:huawei:euleros:kernel-debuginfo
huaweieuleroskernel-debuginfo-common-x86_64p-cpe:/a:huawei:euleros:kernel-debuginfo-common-x86_64
huaweieuleroskernel-develp-cpe:/a:huawei:euleros:kernel-devel
huaweieuleroskernel-headersp-cpe:/a:huawei:euleros:kernel-headers
huaweieuleroskernel-toolsp-cpe:/a:huawei:euleros:kernel-tools
huaweieuleroskernel-tools-libsp-cpe:/a:huawei:euleros:kernel-tools-libs
huaweieulerosperfp-cpe:/a:huawei:euleros:perf
huaweieulerospython-perfp-cpe:/a:huawei:euleros:python-perf
Rows per page:
1-10 of 111

Related

openvas 49
debiancve 3
ubuntucve 3
prion 3
cve 3
f5 4
nessus 56
android 1
ubuntu 20
redhat 5
hp 2
oraclelinux 10
redhatcve 1
cloudfoundry 1
veracode 6
centos 3
mageia 4
fedora 5
suse 14
ibm 1
amazon 1
debian 1
osv 1
securityvulns 2
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2016-1026)
2020-01-23 00:00:00
Ubuntu: Security Advisory (USN-2975-2)
2016-05-17 00:00:00
Ubuntu: Security Advisory (USN-2977-1)
2016-05-17 00:00:00
debiancve
debiancve
CVE-2015-6526
2015-08-31 20:59:00
CVE-2015-0239
2015-03-02 11:59:00
CVE-2016-0758
2016-06-27 10:59:00
ubuntucve
ubuntucve
CVE-2015-6526
2015-08-31 00:00:00
CVE-2015-0239
2015-01-23 00:00:00
CVE-2016-0758
2016-05-12 00:00:00
prion
prion
Design/Logic Flaw
2015-08-31 20:59:00
Information disclosure
2015-03-02 11:59:00
Integer overflow
2016-06-27 10:59:00
cve
cve
CVE-2015-6526
2015-08-31 20:59:00
CVE-2015-0239
2015-03-02 11:59:00
CVE-2016-0758
2016-06-27 10:59:00
f5
f5
SOL16429 - Linux kernel vulnerability CVE-2015-0239
2015-04-13 00:00:00
K16429 : Linux kernel vulnerability CVE-2015-0239
2015-04-13 00:00:00
K12903841 : Linux kernel vulnerabilities CVE-2015-4170, CVE-2015-6526, and CVE-2015-7837
2016-01-28 00:00:00
nessus
nessus
Ubuntu 15.10 : linux-raspi2 vulnerability (USN-2978-3)
2016-05-17 00:00:00
Ubuntu 14.04 LTS : Linux kernel vulnerability (USN-2975-1)
2016-05-17 00:00:00
Scientific Linux Security Update : kernel on SL7.x x86_64 (20160512)
2016-05-18 00:00:00
android
android
CVE-2016-0758
2016-10-01 00:00:00
ubuntu
ubuntu
Linux kernel (Trusty HWE) vulnerability
2016-05-16 00:00:00
Linux kernel (Raspberry Pi 2) vulnerability
2016-05-16 00:00:00
Linux kernel (Utopic HWE) vulnerability
2016-05-16 00:00:00
redhat
redhat
(RHSA-2016:1055) Important: kernel-rt security and bug fix update
2016-05-12 07:36:33
(RHSA-2016:1051) Important: kernel-rt security, bug fix, and enhancement update
2016-05-12 07:29:41
(RHSA-2016:1033) Important: kernel security and bug fix update
2016-05-12 07:29:32
hp
hp
HPSBHF3548 rev.2 - Linux Kernel Flaw, ASN.1 DER decoder for x509 certificate DER files
2016-06-01 00:00:00
HPSBHF03436 rev.2 - HP Thin Client with ThinPro OS, running Linux, Local Elevated Privileges
2016-02-26 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2016-05-12 00:00:00
Unbreakable Enterprise kernel security update
2015-07-29 00:00:00
kernel security and bug fix update
2016-06-23 00:00:00
redhatcve
redhatcve
CVE-2016-0758
2016-05-12 07:18:20
cloudfoundry
cloudfoundry
USN-2977-1 Linux kernel (Vivid HWE) vulnerabilities | Cloud Foundry
2016-05-19 00:00:00
veracode
veracode
Privilege Escalation
2019-01-15 09:11:38
Information Disclosure
2019-05-02 05:40:58
Privilege Escalation
2019-05-02 05:40:58
centos
centos
kernel, perf, python security update
2016-05-13 00:44:04
kernel, perf, python security update
2015-11-30 19:36:22
kernel, perf, python security update
2015-07-26 14:10:53
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2015-05-13 20:18:54
Updated kernel packages fix security vulnerabilities
2015-05-11 23:10:38
Update request kernel-linus-4.4.26-1 fixes security issues
2016-11-04 10:58:56
fedora
fedora
[SECURITY] Fedora 24 Update: kernel-4.5.5-300.fc24
2016-05-24 18:08:16
[SECURITY] Fedora 22 Update: kernel-4.4.10-200.fc22
2016-05-25 00:54:31
[SECURITY] Fedora 21 Update: kernel-3.18.5-201.fc21
2015-02-06 04:00:35
suse
suse
Security update for Linux Kernel Live Patch 6 for SLE 12 SP1 (important)
2016-08-09 17:34:25
Security update for Linux Kernel Live Patch 5 for SLE 12 SP1 (important)
2016-08-09 17:22:29
Security update for Linux Kernel Live Patch 13 for SLE 12 (important)
2016-08-09 17:19:35
ibm
ibm
Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM
2018-06-18 01:33:24
amazon
amazon
Medium: kernel
2016-05-18 14:00:00
debian
debian
[SECURITY] [DSA 3170-1] linux security update
2015-02-23 17:42:49
osv
osv
linux - security update
2015-02-23 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3170-1] linux security update
2015-03-07 00:00:00
Linux kernel multiple security vulnerabilities
2015-03-15 00:00:00
JSON
Related for EULEROS_SA-2016-1026.NASL
openvas49debiancve3ubuntucve3prion3cve3f54nessus56android1ubuntu20redhat5hp2oraclelinux10redhatcve1cloudfoundry1veracode6centos3mageia4fedora5suse14ibm1amazon1debian1osv1securityvulns2