Lucene search
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2019-1221.NASLHistoryApr 09, 2019 - 12:00 a.m.
EulerOS Virtualization 2.5.3 : kernel (EulerOS-SA-2019-1221)
2019-04-0900:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
20
According to the version of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :
- A new software page cache side channel attack scenario was discovered in operating systems that implement the very common βpage cacheβ caching mechanism. A malicious user/process could use βin memoryβ page-cache knowledge to infer access timings to shared memory and gain knowledge which can be used to reduce effectiveness of cryptographic strength by monitoring algorithmic behavior, infer access patterns of memory to determine code paths taken, and exfiltrate data to a blinded attacker through page-granularity access times as a side-channel.i1/4^CVE-2019-5489i1/4%0
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(123907);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id(
"CVE-2019-5489"
);
script_name(english:"EulerOS Virtualization 2.5.3 : kernel (EulerOS-SA-2019-1221)");
script_summary(english:"Checks the rpm output for the updated package.");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS Virtualization host is missing a security update.");
script_set_attribute(attribute:"description", value:
"According to the version of the kernel packages installed, the
EulerOS Virtualization installation on the remote host is affected by
the following vulnerability :
- A new software page cache side channel attack scenario
was discovered in operating systems that implement the
very common 'page cache' caching mechanism. A malicious
user/process could use 'in memory' page-cache knowledge
to infer access timings to shared memory and gain
knowledge which can be used to reduce effectiveness of
cryptographic strength by monitoring algorithmic
behavior, infer access patterns of memory to determine
code paths taken, and exfiltrate data to a blinded
attacker through page-granularity access times as a
side-channel.i1/4^CVE-2019-5489i1/4%0
Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1221
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?81f3f548");
script_set_attribute(attribute:"solution", value:
"Update the affected kernel package.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"patch_publication_date", value:"2019/04/02");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/04/09");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:2.5.3");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
uvp = get_kb_item("Host/EulerOS/uvp_version");
if (uvp != "2.5.3") audit(AUDIT_OS_NOT, "EulerOS Virtualization 2.5.3");
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);
flag = 0;
pkgs = ["kernel-3.10.0-514.44.5.10_126",
"kernel-devel-3.10.0-514.44.5.10_126",
"kernel-headers-3.10.0-514.44.5.10_126",
"kernel-tools-3.10.0-514.44.5.10_126",
"kernel-tools-libs-3.10.0-514.44.5.10_126",
"kernel-tools-libs-devel-3.10.0-514.44.5.10_126"];
foreach (pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_NOTE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| huawei | euleros | kernel | p-cpe:/a:huawei:euleros:kernel |
| huawei | euleros | kernel-devel | p-cpe:/a:huawei:euleros:kernel-devel |
| huawei | euleros | kernel-headers | p-cpe:/a:huawei:euleros:kernel-headers |
| huawei | euleros | kernel-tools | p-cpe:/a:huawei:euleros:kernel-tools |
| huawei | euleros | kernel-tools-libs | p-cpe:/a:huawei:euleros:kernel-tools-libs |
| huawei | euleros | kernel-tools-libs-devel | p-cpe:/a:huawei:euleros:kernel-tools-libs-devel |
| huawei | euleros | uvp | cpe:/o:huawei:euleros:uvp:2.5.3 |
Related
osv
osv
CVE-2019-5489
2019-01-07 17:29:00
linux - security update
2019-06-17 00:00:00
linux-4.9 - security update
2019-06-17 00:00:00
redhat
redhat
(RHSA-2019:2808) Important: kernel security update
2019-09-17 10:41:58
(RHSA-2019:4255) Important: kernel security update
2019-12-17 09:02:46
(RHSA-2019:2837) Important: kernel security and bug fix update
2019-09-20 10:10:42
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1221)
2020-01-23 00:00:00
CentOS Update for kernel CESA-2019:2473 centos6
2019-08-17 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1303)
2020-01-23 00:00:00
ubuntucve
ubuntucve
CVE-2019-5489
2019-01-07 00:00:00
redhatcve
redhatcve
CVE-2019-5489
2020-04-09 13:09:06
prion
prion
Design/Logic Flaw
2019-01-07 17:29:00
f5
f5
K30404955 : Linux kernel vulnerability CVE-2019-5489
2020-09-25 00:00:00
debiancve
debiancve
CVE-2019-5489
2019-01-07 17:29:00
veracode
veracode
Information Disclosure
2019-08-08 00:07:22
githubexploit
githubexploit
cve
cve
CVE-2019-5489
2019-01-07 17:29:00
huawei
huawei
Security Advisory - Page-Cache Side-Channel Vulnerability
2020-01-15 00:00:00
nessus
nessus
RHEL 6 : kernel (RHSA-2019:4255)
2019-12-18 00:00:00
RHEL 7 : kernel (RHSA-2019:2837)
2019-09-23 00:00:00
Virtuozzo 7 : readykernel-patch (VZA-2019-085)
2020-02-04 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2019-01-31 00:00:00
kernel security and bug fix update
2019-08-14 00:00:00
Unbreakable Enterprise kernel security update
2019-02-12 00:00:00
virtuozzo
virtuozzo
centos
centos
kernel, perf, python security update
2019-08-16 21:55:43
bpftool, kernel, perf, python security update
2019-09-10 16:26:50
amazon
amazon
Important: kernel
2019-05-29 19:35:00
Important: kernel
2019-05-29 18:59:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2019-1.0-0238
2019-06-13 00:00:00
Important Photon OS Security Update - PHSA-2020-0238
2020-02-21 00:00:00
Critical Photon OS Security Update - PHSA-2019-0021
2019-06-20 00:00:00
debian
debian
[SECURITY] [DLA 1823-1] linux security update
2019-06-17 23:42:52
[SECURITY] [DLA 1824-1] linux-4.9 security update
2019-06-18 10:23:55
[SECURITY] [DSA 4465-1] linux security update
2019-06-17 18:00:31
suse
suse
Security update for the Linux Kernel (important)
2019-05-31 00:00:00
Security update for the Linux Kernel (important)
2019-06-18 00:00:00
Security update for the Linux Kernel (important)
2019-06-18 00:00:00
ibm
ibm
androidsecurity
androidsecurity
Pixel Update BulletinβSeptember 2020
2020-09-08 00:00:00
lenovo
lenovo
AMI MegaRAC SP-X BMC Vulnerabilities - Lenovo Support US
2020-04-13 19:22:04
oracle
oracle
Oracle Critical Patch Update Advisory - July 2020
2020-07-14 00:00:00
Related for EULEROS_SA-2019-1221.NASL