Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2017-2022 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2016-1051.NASL
HistoryMay 01, 2017 - 12:00 a.m.

EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1051)

2017-05-0100:00:00
This script is Copyright (C) 2017-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18
JSON

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  • A race condition was found in the way the Linux kernel’s memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings.An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.(CVE-2016-5195)

  • Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.(CVE-2016-7117)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(99814);
  script_version("1.14");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/03/08");

  script_cve_id("CVE-2016-5195", "CVE-2016-7117");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/03/24");

  script_name(english:"EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1051)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the kernel packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :

  - A race condition was found in the way the Linux
    kernel's memory subsystem handled the copy-on-write
    (COW) breakage of private read-only memory mappings.An
    unprivileged, local user could use this flaw to gain
    write access to otherwise read-only memory mappings and
    thus increase their privileges on the
    system.(CVE-2016-5195)

  - Use-after-free vulnerability in the __sys_recvmmsg
    function in net/socket.c in the Linux kernel before
    4.5.2 allows remote attackers to execute arbitrary code
    via vectors involving a recvmmsg system call that is
    mishandled during error processing.(CVE-2016-7117)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1051
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3e6b5dff");
  script_set_attribute(attribute:"solution", value:
"Update the affected kernel packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2016-7117");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");

  script_set_attribute(attribute:"patch_publication_date", value:"2016/10/22");
  script_set_attribute(attribute:"plugin_publication_date", value:"2017/05/01");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-debuginfo-common-x86_64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:perf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python-perf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2017-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");

sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(1)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP1");

uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP1", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

flag = 0;

pkgs = ["kernel-3.10.0-229.42.1.97",
        "kernel-debug-3.10.0-229.42.1.97",
        "kernel-debuginfo-3.10.0-229.42.1.97",
        "kernel-debuginfo-common-x86_64-3.10.0-229.42.1.97",
        "kernel-devel-3.10.0-229.42.1.97",
        "kernel-headers-3.10.0-229.42.1.97",
        "kernel-tools-3.10.0-229.42.1.97",
        "kernel-tools-libs-3.10.0-229.42.1.97",
        "perf-3.10.0-229.42.1.97",
        "python-perf-3.10.0-229.42.1.97"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"1", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
VendorProductVersionCPE
huaweieuleroskernelp-cpe:/a:huawei:euleros:kernel
huaweieuleroskernel-debugp-cpe:/a:huawei:euleros:kernel-debug
huaweieuleroskernel-debuginfop-cpe:/a:huawei:euleros:kernel-debuginfo
huaweieuleroskernel-debuginfo-common-x86_64p-cpe:/a:huawei:euleros:kernel-debuginfo-common-x86_64
huaweieuleroskernel-develp-cpe:/a:huawei:euleros:kernel-devel
huaweieuleroskernel-headersp-cpe:/a:huawei:euleros:kernel-headers
huaweieuleroskernel-toolsp-cpe:/a:huawei:euleros:kernel-tools
huaweieuleroskernel-tools-libsp-cpe:/a:huawei:euleros:kernel-tools-libs
huaweieulerosperfp-cpe:/a:huawei:euleros:perf
huaweieulerospython-perfp-cpe:/a:huawei:euleros:python-perf
Rows per page:
1-10 of 111

Related

openvas 25
oraclelinux 10
nessus 59
arista 2
redhat 16
cve 2
centos 3
android 3
veracode 2
debiancve 2
f5 4
broadcom 1
prion 2
ubuntucve 2
saint 4
thn 2
securelist 1
zdt 7
suse 6
chrome 1
paloalto 1
ubuntu 12
cisa 1
canvas 1
ibm 7
packetstorm 2
archlinux 3
fedora 3
seebug 2
huawei 1
altlinux 1
threatpost 1
myhack58 1
attackerkb 1
cisco 1
slackware 1
cert 1
fortinet 1
cisa_kev 1
amazon 1
vmware 2
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2016-1051)
2020-01-23 00:00:00
CentOS Update for kernel CESA-2016:2962 centos5
2016-12-21 00:00:00
RedHat Update for kernel RHSA-2016:2962-01
2016-12-21 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2016-12-20 00:00:00
Unbreakable Enterprise kernel security update
2016-12-21 00:00:00
kernel security and bug fix update
2016-12-20 00:00:00
nessus
nessus
RHEL 6 : kernel (RHSA-2017:0196)
2017-01-27 00:00:00
RHEL 6 : kernel (RHSA-2017:0215)
2017-02-01 00:00:00
CentOS 5 : kernel (CESA-2016:2962)
2016-12-21 00:00:00
arista
arista
Security Advisory 0028
2017-05-15 00:00:00
Security Advisory 0026
2016-10-21 00:00:00
redhat
redhat
(RHSA-2017:0065) Important: kernel security update
2017-01-17 07:27:02
(RHSA-2017:0216) Important: kernel security update
2017-01-31 12:36:38
(RHSA-2017:0215) Important: kernel security update
2017-01-31 12:36:14
cve
cve
CVE-2016-7117
2016-10-10 11:00:00
CVE-2016-5195
2016-11-10 21:59:00
centos
centos
kernel security update
2016-12-20 17:00:55
kernel, perf, python security update
2016-10-25 11:17:10
kernel, perf, python security update
2016-10-26 07:33:13
android
android
CVE-2016-7117
2016-10-01 00:00:00
CVE-2016-5195
2016-11-01 00:00:00
dirtyc0w
2016-10-13 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 09:14:57
Arbitrary Code Execution
2019-01-15 09:14:05
debiancve
debiancve
CVE-2016-7117
2016-10-10 11:00:00
CVE-2016-5195
2016-11-10 21:59:00
f5
f5
SOL51201255 - Linux kernel vulnerability CVE-2016-7117
2016-11-08 00:00:00
K51201255 : Linux kernel vulnerability CVE-2016-7117
2016-11-08 00:00:00
SOL10558632 - Linux privilege-escalation vulnerability (Dirty COW) CVE-2016-5195
2016-10-21 00:00:00
broadcom
broadcom
CVE-2016-7117 - Use-after-free vulnerability in the Linux kernel
2023-05-02 00:00:00
prion
prion
Design/Logic Flaw
2016-10-10 11:00:00
Race condition
2016-11-10 21:59:00
ubuntucve
ubuntucve
CVE-2016-7117
2016-10-10 00:00:00
CVE-2016-5195
2016-10-19 00:00:00
saint
saint
Linux Dirty COW Local File Overwrite
2016-10-27 00:00:00
Linux Dirty COW Local File Overwrite
2016-10-27 00:00:00
Linux Dirty COW Local File Overwrite
2016-10-27 00:00:00
thn
thn
Dirty COW — Critical Linux Kernel Flaw Being Exploited in the Wild
2016-10-20 23:02:00
'Exodus' Surveillance Malware Found Targeting Apple iOS Users
2019-04-09 07:19:00
securelist
securelist
Mobile malware evolution 2019
2020-02-25 10:00:43
zdt
zdt
DirtyCow Linux Kernel Race Condition Exploit
2016-10-22 00:00:00
Linux Kernel 2.6.22 < 3.9 - Dirty COW PTRACE_POKEDATA Race Condition Privilege Escalation (/etc/p
2016-11-29 00:00:00
Linux Kernel 2.6.22 < 3.9 - Dirty COW /proc/self/mem Race Condition Privilege Escalation (/etc/pa
2016-11-29 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2016-10-21 19:14:25
Security update for the Linux Kernel (important)
2016-10-21 21:08:21
Security update for the Linux Kernel (important)
2016-10-24 17:08:24
chrome
chrome
Stable Channel Update for Chrome OS
2016-10-26 00:00:00
paloalto
paloalto
Kernel Vulnerability
2017-02-21 19:30:00
ubuntu
ubuntu
Linux kernel vulnerability
2016-10-20 00:00:00
Linux kernel (OMAP4) vulnerability
2016-10-20 00:00:00
Linux kernel (Raspberry Pi 2) vulnerability
2016-10-20 00:00:00
cisa
cisa
Linux Kernel Vulnerability
2016-10-21 00:00:00
canvas
canvas
Immunity Canvas: LINUX_FOLL_WRITE_COW
2016-11-10 21:59:00
ibm
ibm
Security Bulletin: Dirty COW Vulnerability (CVE-2016-5195)
2018-12-08 04:55:34
Security Bulletin: Vulnerability in Linux Kernel affects ProtecTIER: Dirty COW vulnerability (CVE-2016-5195)
2022-02-16 22:09:18
Security Bulletin: IBM Security Access Manager appliances may be affected by a kernel vulnerability known as the Dirty COW bug (CVE-2016-5195)
2018-06-16 21:50:05
packetstorm
packetstorm
Linux Kernel Dirty COW PTRACE_POKEDATA Privilege Escalation
2016-11-28 00:00:00
Linux Kernel Dirty COW PTRACE_POKEDATA Privilege Escalation
2016-11-25 00:00:00
archlinux
archlinux
[ASA-201610-11] linux-lts: privilege escalation
2016-10-21 00:00:00
[ASA-201610-14] linux: privilege escalation
2016-10-22 00:00:00
[ASA-201610-16] linux-grsec: privilege escalation
2016-10-24 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: kernel-4.7.9-200.fc24
2016-10-22 17:20:39
[SECURITY] Fedora 23 Update: kernel-4.7.9-100.fc23
2016-10-23 22:49:20
[SECURITY] Fedora 25 Update: kernel-4.8.3-300.fc25
2016-10-22 12:53:27
seebug
seebug
Linux kernel 2.6.22 < 3.9 elevation of privilege vulnerability (Dirty COW)
2016-10-22 00:00:00
"Huge Dirty COW" (CVE-2017–1000405)
2017-11-30 00:00:00
huawei
huawei
Security Advisory - Dirty COW Vulnerability in Huawei Products
2016-12-07 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package kernel-image-std-def version 1:3.14.79-alt0.M70P.2
2016-10-25 00:00:00
threatpost
threatpost
Serious Dirty Cow Linux Vulnerability Under Attack
2016-10-21 11:21:36
myhack58
myhack58
CVE-2 0 1 6-5 1 9 5 dirty cattle vulnerability: the Linux kernel through kill to mention the right vulnerability-vulnerability warning-the black bar safety net
2016-10-21 00:00:00
attackerkb
attackerkb
CVE-2016-5195
2016-11-10 00:00:00
cisco
cisco
Vulnerability in Linux Kernel Affecting Cisco Products: October 2016
2016-10-26 15:00:00
slackware
slackware
[slackware-security] kernel
2016-11-01 03:40:05
cert
cert
Linux kernel memory subsystem copy on write mechanism contains a race condition vulnerability
2016-10-21 00:00:00
fortinet
fortinet
Linux Kernel Dirty Cow Vulnerability
2016-11-09 00:00:00
cisa_kev
cisa_kev
Linux Kernel Race Condition Vulnerability
2022-03-03 00:00:00
amazon
amazon
Critical: kernel
2016-10-20 04:11:00
vmware
vmware
VMware product updates address local privilege escalation vulnerability in Linux kernel
2016-11-09 00:00:00
VMware product updates address local privilege escalation vulnerability in Linux kernel
2016-11-09 00:00:00
JSON
Related for EULEROS_SA-2016-1051.NASL
openvas25oraclelinux10nessus59arista2redhat16cve2centos3android3veracode2debiancve2f54broadcom1prion2ubuntucve2saint4thn2securelist1zdt7suse6chrome1paloalto1ubuntu12cisa1canvas1ibm7packetstorm2archlinux3fedora3seebug2huawei1altlinux1threatpost1myhack581attackerkb1cisco1slackware1cert1fortinet1cisa_kev1amazon1vmware2