According to the versions of the kvm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :
- The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and consequently obtain sensitive information or cause a denial of service (system crash), via a crafted ioctl call.(CVE-2016-3713)
- Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support is vulnerable to a null pointer dereference flaw. It could occur on x86 platform, when emulating an undefined instruction. An attacker could use this flaw to crash the host kernel resulting in DoS.(CVE-2016-8630)
- Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector(SS) value error. The error could occur while loading values into the SS register in long mode. A user or process inside a guest could use this flaw to crash the guest, resulting in DoS or potentially escalate their privileges inside the guest.(CVE-2017-2583)
- arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.(CVE-2017-2584)
- A reachable assertion failure flaw was found in the Linux kernel built with KVM virtualisation(CONFIG_KVM) support with Virtual Function I/O feature (CONFIG_VFIO) enabled. This failure could occur if a malicious guest device sent a virtual interrupt (guest IRQ) with a larger (i1/4z1024) index value.(CVE-2017-1000252)
- An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.(CVE-2017-5715)
- A flaw was found in the way the Linux KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest.
Linux guests are not affected by this.(CVE-2017-7518)
- Linux kernel compiled with the KVM virtualization (CONFIG_KVM) support is vulnerable to an out-of-bounds read access issue. It could occur when emulating vmcall instructions invoked by a guest. A guest user/process could use this flaw to disclose kernel memory bytes.(CVE-2017-17741)
- Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.(CVE-2018-3639)
- kernel: kvm: guest userspace to guest kernel write(CVE-2018-10853)
- In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.(CVE-2019-6974)
- The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.(CVE-2019-7222)
- The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.(CVE-2019-7221)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
{"id": "EULEROS_SA-2019-1450.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "EulerOS Virtualization 3.0.1.0 : kvm (EulerOS-SA-2019-1450)", "description": "According to the versions of the kvm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and consequently obtain sensitive information or cause a denial of service (system crash), via a crafted ioctl call.(CVE-2016-3713)\n\n - Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support is vulnerable to a null pointer dereference flaw. It could occur on x86 platform, when emulating an undefined instruction. An attacker could use this flaw to crash the host kernel resulting in DoS.(CVE-2016-8630)\n\n - Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector(SS) value error. The error could occur while loading values into the SS register in long mode. A user or process inside a guest could use this flaw to crash the guest, resulting in DoS or potentially escalate their privileges inside the guest.(CVE-2017-2583)\n\n - arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.(CVE-2017-2584)\n\n - A reachable assertion failure flaw was found in the Linux kernel built with KVM virtualisation(CONFIG_KVM) support with Virtual Function I/O feature (CONFIG_VFIO) enabled. This failure could occur if a malicious guest device sent a virtual interrupt (guest IRQ) with a larger (i1/4z1024) index value.(CVE-2017-1000252)\n\n - An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.(CVE-2017-5715)\n\n - A flaw was found in the way the Linux KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest.\n Linux guests are not affected by this.(CVE-2017-7518)\n\n - Linux kernel compiled with the KVM virtualization (CONFIG_KVM) support is vulnerable to an out-of-bounds read access issue. It could occur when emulating vmcall instructions invoked by a guest. A guest user/process could use this flaw to disclose kernel memory bytes.(CVE-2017-17741)\n\n - Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.(CVE-2018-3639)\n\n - kernel: kvm: guest userspace to guest kernel write(CVE-2018-10853)\n\n - In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.(CVE-2019-6974)\n\n - The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.(CVE-2019-7222)\n\n - The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.(CVE-2019-7221)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2019-05-14T00:00:00", "modified": "2021-01-06T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/124953", "reporter": "This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10853", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7518", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7222", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6974", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2584", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000252", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2583", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3713", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639", "http://www.nessus.org/u?3d6cefe5", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7221", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8630", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17741"], "cvelist": ["CVE-2016-3713", "CVE-2016-8630", "CVE-2017-1000252", "CVE-2017-17741", "CVE-2017-2583", "CVE-2017-2584", "CVE-2017-5715", "CVE-2017-7518", "CVE-2018-10853", "CVE-2018-3639", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222"], "immutableFields": [], "lastseen": "2021-10-21T01:21:42", "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "aix", "idList": ["SPECTRE_MELTDOWN_ADVISORY.ASC", "SPECTRE_UPDATE_ADVISORY.ASC", "VARIANT4_ADVISORY.ASC"]}, {"type": "almalinux", "idList": ["ALBA-2021:0206", "ALSA-2022:1988"]}, {"type": "altlinux", "idList": ["DA7EB86A979E50AA3788F1F41AC8607F"]}, {"type": "amazon", "idList": ["ALAS-2018-1034", "ALAS-2018-1037", "ALAS-2018-1038", "ALAS-2018-1039", "ALAS-2018-939", "ALAS-2018-942", "ALAS-2018-944", "ALAS-2018-956", "ALAS-2019-1165", "ALAS2-2018-1033", "ALAS2-2018-1034", "ALAS2-2018-1037", "ALAS2-2018-1038", "ALAS2-2018-1039", "ALAS2-2018-1049", "ALAS2-2018-939", "ALAS2-2018-942", "ALAS2-2018-952", "ALAS2-2018-953", "ALAS2-2018-956", "ALAS2-2018-962", "ALAS2-2019-1165"]}, {"type": "amd", "idList": ["AMD-SB-1036", "AMD-SB-1037"]}, {"type": "androidsecurity", "idList": ["ANDROID:2018-01-01", "ANDROID:2018-05-01", "ANDROID:2019-09-01"]}, {"type": "apple", "idList": ["APPLE:395E729CF93F555C415D358DB1C43E9A", "APPLE:4F36084A54A87DEB1241F91D2A3B37FF", "APPLE:554AF3533422B9797D4FBD02BF3EC816", "APPLE:8A3948F2E8E7E8D771C8CDFA03619768", "APPLE:E110ECBEC1B5F4EBE4C6799FF1A4F4E0", "APPLE:HT208397", "APPLE:HT208401", "APPLE:HT208403", "APPLE:HT209139", "APPLE:HT209193"]}, {"type": "archlinux", "idList": ["ASA-201701-32", "ASA-201701-35", "ASA-201701-38", "ASA-201801-10", "ASA-201801-4"]}, {"type": "attackerkb", "idList": ["AKB:A377493B-6A40-4BB0-BF25-4E62943A3C0C"]}, {"type": "centos", "idList": ["CESA-2017:0386", "CESA-2017:1615", "CESA-2017:1842", "CESA-2018:0007", "CESA-2018:0008", "CESA-2018:0012", "CESA-2018:0013", "CESA-2018:0014", "CESA-2018:0023", "CESA-2018:0029", "CESA-2018:0030", "CESA-2018:0093", "CESA-2018:0094", "CESA-2018:0151", "CESA-2018:0395", "CESA-2018:0512", "CESA-2018:1062", "CESA-2018:1319", "CESA-2018:1629", "CESA-2018:1632", "CESA-2018:1633", "CESA-2018:1647", "CESA-2018:1648", "CESA-2018:1649", "CESA-2018:1650", "CESA-2018:1651", "CESA-2018:1660", "CESA-2018:1669", "CESA-2018:1854", "CESA-2018:1965", "CESA-2018:1997", "CESA-2018:2001", "CESA-2018:2162", "CESA-2018:2164", "CESA-2019:0818", "CESA-2019:2029"]}, {"type": "cert", "idList": ["VU:180049", "VU:584653"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2018-0011"]}, {"type": "cisco", "idList": ["CISCO-SA-20180104-CPUSIDECHANNEL", "CISCO-SA-20180521-CPUSIDECHANNEL"]}, {"type": "citrix", "idList": ["CTX231390", "CTX231399", "CTX235225"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:12A130F5867F69C520CCB42A0E666BA6", "CFOUNDRY:2AA1F360A02E665F9D2B19AB7EF0CAA9", "CFOUNDRY:32C77274978FD738E63CD47FF8AF1676", "CFOUNDRY:43A3634884E6DDA3AD9EFD6221BBEE90", "CFOUNDRY:4DDEEFC6D5CE0AA12B5BF627FFC8D2F4", "CFOUNDRY:59BA3F002F833C86F9D716E2A3575DCB", "CFOUNDRY:63AC599C6730C4293761CECD360AA195", "CFOUNDRY:862874E6C64B2BCDFB15F341DEE2747E", "CFOUNDRY:86B5C35F8F0E334D1CCCDAF1214EDFEF", "CFOUNDRY:C3D94F66B833B0AB95D359CF97DF9AA9", "CFOUNDRY:DAEEFC1E9FDBBF02A1D3ACCD6434010C", "CFOUNDRY:E36E8558D6E84664F9D34B4A9E5179AC", "CFOUNDRY:F862BE9A087FA6B59D4299BADF8089DC"]}, {"type": "cve", "idList": ["CVE-2016-3713", "CVE-2016-8630", "CVE-2017-1000252", "CVE-2017-17741", "CVE-2017-2583", "CVE-2017-2584", "CVE-2017-5715", "CVE-2017-7518", "CVE-2018-10853", "CVE-2018-3639", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2021-26401"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1232-1:15F37", "DEBIAN:DLA-1349-1:65BA2", "DEBIAN:DLA-1362-1:86139", "DEBIAN:DLA-1369-1:33F82", "DEBIAN:DLA-1422-1:EBC6F", "DEBIAN:DLA-1422-2:DC70E", "DEBIAN:DLA-1423-1:B239D", "DEBIAN:DLA-1446-1:83DE2", "DEBIAN:DLA-1446-1:9942E", "DEBIAN:DLA-1497-1:58644", "DEBIAN:DLA-1506-1:91878", "DEBIAN:DLA-1506-1:B3A8C", "DEBIAN:DLA-1715-1:4A3F9", "DEBIAN:DLA-1731-1:D19BD", "DEBIAN:DLA-1731-2:E6E1E", "DEBIAN:DLA-1771-1:3CE68", "DEBIAN:DLA-2148-1:72DBC", "DEBIAN:DLA-2148-1:FD9EB", "DEBIAN:DLA-2323-1:C146F", "DEBIAN:DLA-2743-1:A281D", "DEBIAN:DLA-2743-2:6530F", "DEBIAN:DLA-2743-2:EB0B3", "DEBIAN:DSA-3791-1:0D4D5", "DEBIAN:DSA-3791-1:AE0FD", "DEBIAN:DSA-3981-1:0F636", "DEBIAN:DSA-3981-1:3AC17", "DEBIAN:DSA-4073-1:79398", "DEBIAN:DSA-4082-1:57979", "DEBIAN:DSA-4082-1:58978", "DEBIAN:DSA-4120-1:7BEB7", "DEBIAN:DSA-4179-1:CBB23", "DEBIAN:DSA-4179-1:E7F73", "DEBIAN:DSA-4187-1:481CA", "DEBIAN:DSA-4187-1:E8170", "DEBIAN:DSA-4188-1:B3909", "DEBIAN:DSA-4188-1:E4177", "DEBIAN:DSA-4210-1:DBC01", "DEBIAN:DSA-4213-1:698A4", "DEBIAN:DSA-4213-1:F6297", "DEBIAN:DSA-4273-1:BEC28", "DEBIAN:DSA-4273-2:DE475", "DEBIAN:DSA-4469-1:052EF", "DEBIAN:DSA-4469-1:B9B08"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2016-3713", "DEBIANCVE:CVE-2016-8630", "DEBIANCVE:CVE-2017-1000252", "DEBIANCVE:CVE-2017-17741", "DEBIANCVE:CVE-2017-2583", "DEBIANCVE:CVE-2017-2584", "DEBIANCVE:CVE-2017-5715", "DEBIANCVE:CVE-2017-7518", "DEBIANCVE:CVE-2018-10853", "DEBIANCVE:CVE-2018-3639", "DEBIANCVE:CVE-2019-6974", "DEBIANCVE:CVE-2019-7221", "DEBIANCVE:CVE-2019-7222", "DEBIANCVE:CVE-2021-26401"]}, {"type": "f5", "idList": ["F5:K08413011", "F5:K11186236", "F5:K29146534", "F5:K54252492", "F5:K57454331", "F5:K58304450", "F5:K81172534", "F5:K91229003"]}, {"type": "fedora", "idList": ["FEDORA:017D56156B44", "FEDORA:041196190421", "FEDORA:04868606351B", "FEDORA:089B7605072B", "FEDORA:08D3760E6566", "FEDORA:0A72361F0A0B", "FEDORA:10F7D6255145", "FEDORA:122AE604D3F9", "FEDORA:125F360603E5", "FEDORA:1C6F16348980", "FEDORA:1CA16613DD7E", "FEDORA:1CAC0608E6F2", "FEDORA:1EFAB60ACFB0", "FEDORA:20DCB60779B2", "FEDORA:2281662F1093", "FEDORA:22CA86022BDC", "FEDORA:22D77604972B", "FEDORA:238106085F82", "FEDORA:23E0D6075B51", "FEDORA:250CB6087A80", "FEDORA:25BDD6190ECF", "FEDORA:2836F613193B", "FEDORA:29049600CFF3", "FEDORA:296826040AED", "FEDORA:29FCE65ECD33", "FEDORA:2C5386075B25", "FEDORA:2C89F6167407", "FEDORA:3266960F0E44", "FEDORA:329F761257DF", "FEDORA:37B8362B00D0", "FEDORA:3C394606D98F", "FEDORA:41B546014626", "FEDORA:42DA3601FD86", "FEDORA:42FE3607603A", "FEDORA:434906215647", "FEDORA:44065605602A", "FEDORA:4832F6079717", "FEDORA:4CEF5610D7CA", "FEDORA:4CF35608BFEA", "FEDORA:4D5AD601FDAC", "FEDORA:50E6E6087656", "FEDORA:511986124F82", "FEDORA:511A7608E6E1", "FEDORA:5267F604C2BD", "FEDORA:5591D601DA24", "FEDORA:5A4D662AE22C", "FEDORA:5AA3D60505E7", "FEDORA:5B68260A5858", "FEDORA:5D742610B071", "FEDORA:5E6FC604AF75", "FEDORA:621A2609A69C", "FEDORA:648496077DD1", "FEDORA:660AA642E1AC", "FEDORA:690DE6022BA8", "FEDORA:69EFB60B9EEF", "FEDORA:6A9A16095B29", "FEDORA:6B39A60C690C", "FEDORA:6B66A6047312", "FEDORA:6B6B360567FC", "FEDORA:6CE076015F62", "FEDORA:6E66862A5C82", "FEDORA:6E67663233DB", "FEDORA:6EA206291A90", "FEDORA:6EC6360BEA04", "FEDORA:6F1BC604D0C1", "FEDORA:728DA604CD72", "FEDORA:731106077DEB", "FEDORA:73C3960CDDB3", "FEDORA:73C6F628E99A", "FEDORA:74245604D4DA", "FEDORA:7640C641CB61", "FEDORA:79EAC605FC25", "FEDORA:85FBF6076011", "FEDORA:87BD56087904", "FEDORA:89597606D8B2", "FEDORA:89C9C6051B3A", "FEDORA:8BE0F60BB4E1", "FEDORA:8EB6260D0217", "FEDORA:8F974604E846", "FEDORA:909D360491BF", "FEDORA:9145860769FE", "FEDORA:958BD626BB06", "FEDORA:95A686085F81", "FEDORA:98E8F6079A11", "FEDORA:9B9346230079", "FEDORA:9E3D9606D195", "FEDORA:9FDCF62874A1", "FEDORA:A02E3603EB55", "FEDORA:AB52460321C9", "FEDORA:AC7FC600CFCA", "FEDORA:B395E6087A9D", "FEDORA:B54D264CBCAC", "FEDORA:B7EFE60A96DB", "FEDORA:B87B460876BA", "FEDORA:B92AD601D827", "FEDORA:BBFE360460D0", "FEDORA:BCF8D6075EF9", "FEDORA:BD35260BC96F", "FEDORA:C49D061F375F", "FEDORA:C4D496071279", "FEDORA:C64AE6007F37", "FEDORA:C65F560874BD", "FEDORA:C6AF860C4240", "FEDORA:C8DAB604A066", "FEDORA:D5F726042B1F", "FEDORA:D6CAE607A456", "FEDORA:D6F86601E6D9", "FEDORA:D89B960F8CA9", "FEDORA:D9EAD6149F94", "FEDORA:DF5176048167", "FEDORA:E2FD36125E3E", "FEDORA:E37FD60924F1", "FEDORA:E5291607602A", "FEDORA:E6F08605DCE7", "FEDORA:E6FC960603E5", "FEDORA:E736B60877BC", "FEDORA:E8B02603B289", "FEDORA:E93AE6077DCD", "FEDORA:EAC7F6435E1F", "FEDORA:EBB026048D2E"]}, {"type": "fortinet", "idList": ["FG-IR-16-052", "FG-IR-18-002"]}, {"type": "freebsd", "idList": ["1CE95BC7-3278-11E8-B527-00012E582166", "74DAA370-2797-11E8-95EC-A4BADB2F4699", "FBE10A8A-05A1-11EA-9DFA-F8B156AC3FF9"]}, {"type": "gentoo", "idList": ["GLSA-201804-08", "GLSA-201810-06"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:42FBA08807698DC5CD34486014AC8332"]}, {"type": "hp", "idList": ["HP:C05869091", "HP:C06001626"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20180106-01-CPU", "HUAWEI-SA-20180606-01-CPU", "HUAWEI-SA-20180615-01-CPU"]}, {"type": "ibm", "idList": ["09CD81CAD88D5272A1898D3B104B0A76C75C4D6F24390C322F2B3A9929DF7F0F", "0C9BE2F3A245999460BB6BC497E21EC27992E79FB4C1D769E6D1CF729AB33300", "174F1CB3220ED56F318FA688B5104CC5CCC2107DBECA87BE989ABF3A0091E073", "1A56C0E27437AA486509D2812836A0A7761E820321946BF730BBC1A9B185F972", "1ABA3EC50C5BB5DE641865CF34A5CAC018FE13D6CFF8FE946D2F218907356D71", "267A117C428BEF698E326F0112B2A246CD0BDBB086C1F9B8740A92F31F4370CD", "28E683B9E1028822A2C208D0617DA2DE26079DCB38CC45919D696CC7747F906B", "2A40009A88F7F92C59723B05B8A8BC439ECB104B7E48FAB00AAABF8FE910CEF1", "2C6883C7D3865B8039726C3454BA0B0D5A6F3F11B0878992EA2AACAC9F364E05", "2FDA4798729D99054D99195E15830AB39CD2F277012B44452DE7D7B047CDB4C1", "3540AA54A1ED51682893BA31F766B870A1375441D71B0C703E82EAA191CC0D6A", "3E3AF8AC7BA63076BEE8FFB670B3A3F27E0903C83526E54496E50EB2DF74B875", "3F517C6EB3F580D15A8688927C2FEDE369F340156A939E9A19A6F6469765380E", "4B7EBAB09AB01A6A2993819DB2589A79B0751770B2E5A63287320AA02BEF3420", "4BB2759DF5CBB6BF54A7D60BF1046942C755D661255DAAC4EF3C0614D1A3AF9A", "4BDA96731BEDBE3B4D78DBA9FA7051E3DF5C22631E9222A0E15B433BB8B9B171", "567345576590494CB813B386383CCFD2CCE4CD51C93AD9D6FD80D7D632CC8257", "5D63DFA90AE05BD537122A9820FEC290A8E1FB9D0AEF4B12256F5FA09B670775", "65AEAA74B4397CD9FC1768668C6ED4E2A219B5570B2041431D7D2F5201973D4D", "6F75059EBDF719D84C8DC0CA4BAADF9428544BDAFCEEAE62F4225A55CA1E8AF0", "77DA9A466A7C42373FF7E0F4EB5E62474CCAD685AD37FE9457EFB7AD15F923AD", "7A53C19FF480E48C62F3A876817E646DD9329F4F75468297B786BC33EF754038", "87923FDFB72096B1C8DCCF43F6A41A614DD87803DEBC33434D17685EC97C13D6", "87A19FB5346DA81A86907270AB84E2E3899A8B6E531102A2175D836AB9D8EBF9", "A594E3179D9A187B5EAE777411B4109CB85600F1AEC96905951B67E4F825EC64", "A6E0AA4F7CE2CD35281870E21B59F32FD6E5217A46EC5702A87294F585538FD3", "AED01AE411153EF61F18A5379A53E9FF22A1966A07D8367620044DFB22FE9466", "B13E9CABE04A3A8E052E5DD7075F194AB2BDBB1AA759BCA55EBEBB657F688C5F", "B33FA893148E9C76925FA67166C54BB7E197EC96DD88578FEB3D80D16489F9CA", "B35331C8976936545073B60350455C602E3A6DA9E2C52BDF202502219C50D240", "BA3D871218C7EC154D3DA60B65F47B45FC02B640ABAA3BFF2DBE9F1ADAE1DADF", "C61272AAD42C3342F52FDEEAF76F6DCE5A2C3FF3C3CF7540B218B24B7CA5C12B", "ED46D5435729A848FC5D81677695C064ADF46780A6FA945243B3D418EFDD30C6"]}, {"type": "intel", "idList": ["INTEL:INTEL-SA-00115"]}, {"type": "kaspersky", "idList": ["KLA11173", "KLA11179", "KLA11253", "KLA11258", "KLA11893"]}, {"type": "kitploit", "idList": ["KITPLOIT:8752367943592764867", "KITPLOIT:8917740741292426205"]}, {"type": "lenovo", "idList": ["LENOVO:PS500151-NOSID", "LENOVO:PS500151-READING-PRIVILEGED-MEMORY-WITH-A-SIDE-CHANNEL-NOSID", "LENOVO:PS500167-NOSID", "LENOVO:PS500167-SPECULATIVE-EXECUTION-SIDE-CHANNEL-VULNERABILITY-VARIANTS-NOSID", "LENOVO:PS500174-INTEL-SOFTWARE-GUARD-EXTENSIONS-SGX-VULNERABILITIES-NOSID", "LENOVO:PS500174-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2016-0225", "MGASA-2016-0232", "MGASA-2016-0233", "MGASA-2016-0401", "MGASA-2016-0411", "MGASA-2016-0412", "MGASA-2017-0063", "MGASA-2017-0064", "MGASA-2017-0065", "MGASA-2017-0381", "MGASA-2017-0383", "MGASA-2017-0384", "MGASA-2017-0386", "MGASA-2017-0387", "MGASA-2017-0388", "MGASA-2017-0463", "MGASA-2017-0466", "MGASA-2017-0467", "MGASA-2018-0062", "MGASA-2018-0063", "MGASA-2018-0064", "MGASA-2018-0073", "MGASA-2018-0074", "MGASA-2018-0076", "MGASA-2018-0077", "MGASA-2018-0079", "MGASA-2018-0080", "MGASA-2018-0082", "MGASA-2018-0101", "MGASA-2018-0106", "MGASA-2018-0107", "MGASA-2018-0124", "MGASA-2018-0125", "MGASA-2018-0126", "MGASA-2018-0127", "MGASA-2018-0134", "MGASA-2018-0153", "MGASA-2018-0172", "MGASA-2018-0176", "MGASA-2018-0260", "MGASA-2018-0262", "MGASA-2018-0263", "MGASA-2018-0264", "MGASA-2018-0265", "MGASA-2018-0286", "MGASA-2018-0296", "MGASA-2018-0298", "MGASA-2018-0322", "MGASA-2018-0340", "MGASA-2018-0341", "MGASA-2019-0097", "MGASA-2019-0098", "MGASA-2019-0171"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:3DDE32E41BE8356C194673EE3ED7FDBE", "MALWAREBYTES:C47D8F4321BF60FB315B6C46B47DF46F"]}, {"type": "mscve", "idList": ["MS:ADV180002", "MS:ADV180012", "MS:ADV180013", "MS:ADV180018", "MS:ADV190013"]}, {"type": "mskb", "idList": ["KB4073065", "KB4074590", "KB4093112", "KB4103723", "KB4284819", "KB4284826", "KB4284835", "KB4284860", "KB4284867", "KB4284874", "KB4284880", "KB4338815", "KB4338820", "KB4338824", "KB4338830", "KB4340583", "KB4343887", "KB4343897", "KB4343899", "KB4343900", "KB4343909", "KB4457128", "KB4462922", "KB4467678", "KB4467680", "KB4467686", "KB4467691", "KB4467696", "KB4467697", "KB4467700", "KB4467701", "KB4467702", "KB4467703", "KB4467706", "KB4467708", "KB4480957", "KB4480960", "KB4480963", "KB4480964", "KB4480968", "KB4480970", "KB4480972", "KB4480975", "KB4493446", "KB4493448", "KB4493464", "KB4493467", "KB4493472", "KB4494441"]}, {"type": "msrc", "idList": ["MSRC:3EC2FAA8CFB89D38DF89D5273501E00C"]}, {"type": "myhack58", "idList": ["MYHACK58:62201787550"]}, {"type": "nessus", "idList": ["700321.PRM", "700322.PRM", "700325.PRM", "700518.PRM", "700545.PRM", "AIX_IJ03029.NASL", "AIX_IJ03030.NASL", "AIX_IJ03032.NASL", "AIX_IJ03033.NASL", "AIX_IJ03034.NASL", "AIX_IJ03035.NASL", "AIX_IJ03036.NASL", "AIX_IJ05818.NASL", "AIX_IJ05820.NASL", "AIX_IJ05821.NASL", "AIX_IJ05822.NASL", "AIX_IJ05823.NASL", "AIX_IJ05824.NASL", "AIX_IJ05826.NASL", "AL2_ALAS-2018-1033.NASL", "AL2_ALAS-2018-1034.NASL", "AL2_ALAS-2018-1037.NASL", "AL2_ALAS-2018-1038.NASL", "AL2_ALAS-2018-1039.NASL", "AL2_ALAS-2018-1049.NASL", "AL2_ALAS-2018-939.NASL", "AL2_ALAS-2018-942.NASL", "AL2_ALAS-2018-952.NASL", "AL2_ALAS-2018-953.NASL", "AL2_ALAS-2018-956.NASL", "AL2_ALAS-2018-962.NASL", "AL2_ALAS-2019-1165.NASL", "AL2_ALAS-2019-1338.NASL", "AL2_ALASKERNEL-5_10-2022-011.NASL", "AL2_ALASKERNEL-5_4-2022-023.NASL", "ALA_ALAS-2018-1034.NASL", "ALA_ALAS-2018-1037.NASL", "ALA_ALAS-2018-1038.NASL", "ALA_ALAS-2018-1039.NASL", "ALA_ALAS-2018-939.NASL", "ALA_ALAS-2018-942.NASL", "ALA_ALAS-2018-944.NASL", "ALA_ALAS-2018-956.NASL", "ALA_ALAS-2019-1165.NASL", "ALMA_LINUX_ALSA-2022-1988.NASL", "APPLE_IOS_1122_CHECK.NBIN", "CENTOS8_RHSA-2019-3517.NASL", "CENTOS_RHSA-2017-0386.NASL", "CENTOS_RHSA-2017-1615.NASL", "CENTOS_RHSA-2017-1842.NASL", "CENTOS_RHSA-2018-0007.NASL", "CENTOS_RHSA-2018-0008.NASL", "CENTOS_RHSA-2018-0012.NASL", "CENTOS_RHSA-2018-0013.NASL", "CENTOS_RHSA-2018-0014.NASL", "CENTOS_RHSA-2018-0023.NASL", "CENTOS_RHSA-2018-0029.NASL", "CENTOS_RHSA-2018-0030.NASL", "CENTOS_RHSA-2018-0093.NASL", "CENTOS_RHSA-2018-0094.NASL", "CENTOS_RHSA-2018-0151.NASL", "CENTOS_RHSA-2018-0395.NASL", "CENTOS_RHSA-2018-0512.NASL", "CENTOS_RHSA-2018-1062.NASL", "CENTOS_RHSA-2018-1629.NASL", "CENTOS_RHSA-2018-1632.NASL", "CENTOS_RHSA-2018-1633.NASL", "CENTOS_RHSA-2018-1647.NASL", "CENTOS_RHSA-2018-1648.NASL", "CENTOS_RHSA-2018-1649.NASL", "CENTOS_RHSA-2018-1650.NASL", "CENTOS_RHSA-2018-1651.NASL", "CENTOS_RHSA-2018-1660.NASL", "CENTOS_RHSA-2018-1669.NASL", "CENTOS_RHSA-2018-1854.NASL", "CENTOS_RHSA-2018-1965.NASL", "CENTOS_RHSA-2018-1997.NASL", "CENTOS_RHSA-2018-2001.NASL", "CENTOS_RHSA-2018-2162.NASL", "CENTOS_RHSA-2018-2164.NASL", "CENTOS_RHSA-2019-0818.NASL", "CENTOS_RHSA-2019-2029.NASL", "CITRIX_XENSERVER_CTX231390.NASL", "CITRIX_XENSERVER_CTX235225.NASL", "DEBIAN_DLA-1232.NASL", "DEBIAN_DLA-1349.NASL", "DEBIAN_DLA-1362.NASL", "DEBIAN_DLA-1369.NASL", "DEBIAN_DLA-1422.NASL", "DEBIAN_DLA-1423.NASL", "DEBIAN_DLA-1446.NASL", "DEBIAN_DLA-1497.NASL", "DEBIAN_DLA-1506.NASL", "DEBIAN_DLA-1715.NASL", "DEBIAN_DLA-1731.NASL", "DEBIAN_DLA-1771.NASL", "DEBIAN_DLA-2148.NASL", "DEBIAN_DLA-2323.NASL", "DEBIAN_DLA-2743.NASL", "DEBIAN_DSA-3791.NASL", "DEBIAN_DSA-3981.NASL", "DEBIAN_DSA-4073.NASL", "DEBIAN_DSA-4082.NASL", "DEBIAN_DSA-4120.NASL", "DEBIAN_DSA-4179.NASL", "DEBIAN_DSA-4187.NASL", "DEBIAN_DSA-4188.NASL", "DEBIAN_DSA-4210.NASL", "DEBIAN_DSA-4213.NASL", "DEBIAN_DSA-4273.NASL", "DEBIAN_DSA-4469.NASL", "EULEROS_SA-2018-1001.NASL", "EULEROS_SA-2018-1002.NASL", "EULEROS_SA-2018-1014.NASL", "EULEROS_SA-2018-1015.NASL", "EULEROS_SA-2018-1016.NASL", "EULEROS_SA-2018-1017.NASL", "EULEROS_SA-2018-1020.NASL", "EULEROS_SA-2018-1021.NASL", "EULEROS_SA-2018-1153.NASL", "EULEROS_SA-2018-1192.NASL", "EULEROS_SA-2018-1193.NASL", "EULEROS_SA-2018-1194.NASL", "EULEROS_SA-2018-1195.NASL", "EULEROS_SA-2018-1196.NASL", "EULEROS_SA-2018-1197.NASL", "EULEROS_SA-2018-1200.NASL", "EULEROS_SA-2018-1201.NASL", "EULEROS_SA-2018-1233.NASL", "EULEROS_SA-2018-1236.NASL", "EULEROS_SA-2018-1265.NASL", "EULEROS_SA-2018-1267.NASL", "EULEROS_SA-2018-1269.NASL", "EULEROS_SA-2018-1270.NASL", "EULEROS_SA-2018-1271.NASL", "EULEROS_SA-2019-1076.NASL", "EULEROS_SA-2019-1255.NASL", "EULEROS_SA-2019-1302.NASL", "EULEROS_SA-2019-1369.NASL", "EULEROS_SA-2019-1370.NASL", "EULEROS_SA-2019-1372.NASL", "EULEROS_SA-2019-1496.NASL", "EULEROS_SA-2019-1498.NASL", "EULEROS_SA-2019-1502.NASL", "EULEROS_SA-2019-1512.NASL", "EULEROS_SA-2019-1515.NASL", "EULEROS_SA-2019-1519.NASL", "EULEROS_SA-2019-1520.NASL", "EULEROS_SA-2019-1521.NASL", "EULEROS_SA-2019-1525.NASL", "EULEROS_SA-2019-1526.NASL", "EULEROS_SA-2019-1531.NASL", "EULEROS_SA-2019-1534.NASL", "EULEROS_SA-2019-1538.NASL", "EULEROS_SA-2019-1587.NASL", "EULEROS_SA-2019-1637.NASL", "EULEROS_SA-2019-1638.NASL", "EULEROS_SA-2019-1793.NASL", "EULEROS_SA-2019-2201.NASL", "EULEROS_SA-2019-2274.NASL", "EULEROS_SA-2019-2468.NASL", "EULEROS_SA-2021-1808.NASL", "EULEROS_SA-2021-2392.NASL", "F5_BIGIP_SOL11186236.NASL", "F5_BIGIP_SOL91229003.NASL", "FEDORA_2016-06F1572324.NASL", "FEDORA_2016-14C4187E3A.NASL", "FEDORA_2016-2363B37A98.NASL", "FEDORA_2016-876DEAE183.NASL", "FEDORA_2016-EE3A114958.NASL", "FEDORA_2016-F8739A80B0.NASL", "FEDORA_2017-18CE368BA3.NASL", "FEDORA_2017-1EBB87E7C0.NASL", "FEDORA_2017-7810B7C59F.NASL", "FEDORA_2017-E6012E74B6.NASL", "FEDORA_2018-0590E4AF13.NASL", "FEDORA_2018-44F8A7454D.NASL", "FEDORA_2018-527698A904.NASL", "FEDORA_2018-5521156807.NASL", "FEDORA_2018-6367A17AA3.NASL", "FEDORA_2018-690989736A.NASL", "FEDORA_2018-93C2E74446.NASL", "FEDORA_2018-9F02E5ED7B.NASL", "FEDORA_2018-AEC846C0EF.NASL", "FEDORA_2018-B57DB4753C.NASL", "FEDORA_2018-DB0D3E157E.NASL", "FEDORA_2018-F1B818A5C9.NASL", "FEDORA_2019-164946AA7F.NASL", "FEDORA_2019-3DA64F3E61.NASL", "FREEBSD_PKG_1CE95BC7327811E8B52700012E582166.NASL", "FREEBSD_PKG_74DAA370279711E895ECA4BADB2F4699.NASL", "FREEBSD_PKG_FBE10A8A05A111EA9DFAF8B156AC3FF9.NASL", "GENTOO_GLSA-201804-08.NASL", "GENTOO_GLSA-201810-06.NASL", "GOOGLE_CHROME_64_0_3282_119.NASL", "JUNIPER_SPACE_JSA10917_183R1.NASL", "LINUX_KERNEL_SPECULATIVE_EXECUTION_DETECT.NBIN", "MACOSX_FIREFOX_57_0_4.NASL", "MACOSX_FUSION_VMSA_2017_0021.NASL", "MACOSX_FUSION_VMSA_2018_0004.NASL", "MACOSX_SAFARI11_0_2_PATCH_2018_01_08.NASL", "MACOSX_SECUPD_10_13_6_2018-002.NASL", "MACOS_10_14.NASL", "MICROSOFT_WINDOWS_SPEC_EXECUTION.NBIN", "MOZILLA_FIREFOX_57_0_4.NASL", "NEWSTART_CGSL_NS-SA-2019-0004_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0007_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0014_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0016_DRACUT.NASL", "NEWSTART_CGSL_NS-SA-2019-0027_JAVA-1.8.0-OPENJDK.NASL", "NEWSTART_CGSL_NS-SA-2019-0032_JAVA-1.7.0-OPENJDK.NASL", "NEWSTART_CGSL_NS-SA-2019-0044_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0049_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0070_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0074_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0076_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0077_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0085_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0086_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0125_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0131_JAVA-1.7.0-OPENJDK.NASL", "NEWSTART_CGSL_NS-SA-2019-0132_LIBVIRT.NASL", "NEWSTART_CGSL_NS-SA-2019-0133_QEMU-KVM.NASL", "NEWSTART_CGSL_NS-SA-2019-0137_JAVA-1.8.0-OPENJDK.NASL", "NEWSTART_CGSL_NS-SA-2019-0143_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0180_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0183_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0247_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0253_KERNEL-RT.NASL", "NVIDIA_UNIX_CVE_2017_5753.NASL", "NVIDIA_WIN_CVE_2017_5753.NASL", "OPENSUSE-2016-1428.NASL", "OPENSUSE-2017-1159.NASL", "OPENSUSE-2017-1160.NASL", "OPENSUSE-2017-245.NASL", "OPENSUSE-2017-419.NASL", "OPENSUSE-2017-798.NASL", "OPENSUSE-2018-1.NASL", "OPENSUSE-2018-1143.NASL", "OPENSUSE-2018-118.NASL", "OPENSUSE-2018-1364.NASL", "OPENSUSE-2018-153.NASL", "OPENSUSE-2018-169.NASL", "OPENSUSE-2018-2.NASL", "OPENSUSE-2018-20.NASL", "OPENSUSE-2018-24.NASL", "OPENSUSE-2018-266.NASL", "OPENSUSE-2018-284.NASL", "OPENSUSE-2018-291.NASL", "OPENSUSE-2018-3.NASL", "OPENSUSE-2018-358.NASL", "OPENSUSE-2018-4.NASL", "OPENSUSE-2018-489.NASL", "OPENSUSE-2018-514.NASL", "OPENSUSE-2018-515.NASL", "OPENSUSE-2018-547.NASL", "OPENSUSE-2018-551.NASL", "OPENSUSE-2018-590.NASL", "OPENSUSE-2018-599.NASL", "OPENSUSE-2018-602.NASL", "OPENSUSE-2018-603.NASL", "OPENSUSE-2018-656.NASL", "OPENSUSE-2018-700.NASL", "OPENSUSE-2018-75.NASL", "OPENSUSE-2018-762.NASL", "OPENSUSE-2018-8.NASL", "OPENSUSE-2018-825.NASL", "OPENSUSE-2018-860.NASL", "OPENSUSE-2018-886.NASL", "OPENSUSE-2018-887.NASL", "OPENSUSE-2018-894.NASL", "OPENSUSE-2018-9.NASL", "OPENSUSE-2018-938.NASL", "OPENSUSE-2019-1407.NASL", "OPENSUSE-2019-1438.NASL", "OPENSUSE-2019-1439.NASL", "OPENSUSE-2019-203.NASL", "OPENSUSE-2019-274.NASL", "OPENSUSE-2019-398.NASL", "OPENSUSE-2019-418.NASL", "OPENSUSE-2019-42.NASL", "OPENSUSE-2019-424.NASL", "OPENSUSE-2019-426.NASL", "OPENSUSE-2019-510.NASL", "OPENSUSE-2019-536.NASL", "OPENSUSE-2019-587.NASL", "OPENSUSE-2019-618.NASL", "OPENSUSE-2019-620.NASL", "OPENSUSE-2019-622.NASL", "OPENSUSE-2020-1325.NASL", "OPENSUSE-2022-0940-1.NASL", "ORACLELINUX_ELSA-2017-0386.NASL", "ORACLELINUX_ELSA-2017-1615-1.NASL", "ORACLELINUX_ELSA-2017-1615.NASL", "ORACLELINUX_ELSA-2017-1842-1.NASL", "ORACLELINUX_ELSA-2017-1842.NASL", "ORACLELINUX_ELSA-2017-3514.NASL", "ORACLELINUX_ELSA-2017-3539.NASL", "ORACLELINUX_ELSA-2017-3566.NASL", "ORACLELINUX_ELSA-2017-3567.NASL", "ORACLELINUX_ELSA-2017-3609.NASL", "ORACLELINUX_ELSA-2018-0007.NASL", "ORACLELINUX_ELSA-2018-0008.NASL", "ORACLELINUX_ELSA-2018-0012.NASL", "ORACLELINUX_ELSA-2018-0013.NASL", "ORACLELINUX_ELSA-2018-0023.NASL", "ORACLELINUX_ELSA-2018-0024.NASL", "ORACLELINUX_ELSA-2018-0029.NASL", "ORACLELINUX_ELSA-2018-0030.NASL", "ORACLELINUX_ELSA-2018-0093.NASL", "ORACLELINUX_ELSA-2018-0151.NASL", "ORACLELINUX_ELSA-2018-0395.NASL", "ORACLELINUX_ELSA-2018-0512.NASL", "ORACLELINUX_ELSA-2018-1062.NASL", "ORACLELINUX_ELSA-2018-1629.NASL", "ORACLELINUX_ELSA-2018-1632.NASL", "ORACLELINUX_ELSA-2018-1633.NASL", "ORACLELINUX_ELSA-2018-1647.NASL", "ORACLELINUX_ELSA-2018-1648.NASL", "ORACLELINUX_ELSA-2018-1649.NASL", "ORACLELINUX_ELSA-2018-1650.NASL", "ORACLELINUX_ELSA-2018-1651.NASL", "ORACLELINUX_ELSA-2018-1660.NASL", "ORACLELINUX_ELSA-2018-1669.NASL", "ORACLELINUX_ELSA-2018-1854.NASL", "ORACLELINUX_ELSA-2018-1965.NASL", "ORACLELINUX_ELSA-2018-1997.NASL", "ORACLELINUX_ELSA-2018-2001.NASL", "ORACLELINUX_ELSA-2018-2162.NASL", "ORACLELINUX_ELSA-2018-2164.NASL", "ORACLELINUX_ELSA-2018-4004.NASL", "ORACLELINUX_ELSA-2018-4006.NASL", "ORACLELINUX_ELSA-2018-4011.NASL", "ORACLELINUX_ELSA-2018-4018.NASL", "ORACLELINUX_ELSA-2018-4019.NASL", "ORACLELINUX_ELSA-2018-4020.NASL", "ORACLELINUX_ELSA-2018-4022.NASL", "ORACLELINUX_ELSA-2018-4062.NASL", "ORACLELINUX_ELSA-2018-4071.NASL", "ORACLELINUX_ELSA-2018-4088.NASL", "ORACLELINUX_ELSA-2018-4089.NASL", "ORACLELINUX_ELSA-2018-4108.NASL", "ORACLELINUX_ELSA-2018-4109.NASL", "ORACLELINUX_ELSA-2018-4110.NASL", "ORACLELINUX_ELSA-2018-4114.NASL", "ORACLELINUX_ELSA-2018-4126.NASL", "ORACLELINUX_ELSA-2018-4134.NASL", "ORACLELINUX_ELSA-2018-4164.NASL", "ORACLELINUX_ELSA-2018-4172.NASL", "ORACLELINUX_ELSA-2018-4300.NASL", "ORACLELINUX_ELSA-2018-4301.NASL", "ORACLELINUX_ELSA-2019-0818.NASL", "ORACLELINUX_ELSA-2019-4316.NASL", "ORACLELINUX_ELSA-2019-4531.NASL", "ORACLELINUX_ELSA-2019-4612.NASL", "ORACLELINUX_ELSA-2019-4710.NASL", "ORACLELINUX_ELSA-2020-5866.NASL", "ORACLELINUX_ELSA-2022-1988.NASL", "ORACLELINUX_ELSA-2022-9244.NASL", "ORACLELINUX_ELSA-2022-9245.NASL", "ORACLELINUX_ELSA-2022-9273.NASL", "ORACLELINUX_ELSA-2022-9274.NASL", "ORACLELINUX_ELSA-2022-9313.NASL", "ORACLELINUX_ELSA-2022-9314.NASL", "ORACLEVM_OVMSA-2017-0039.NASL", "ORACLEVM_OVMSA-2017-0062.NASL", "ORACLEVM_OVMSA-2017-0105.NASL", "ORACLEVM_OVMSA-2017-0106.NASL", "ORACLEVM_OVMSA-2017-0145.NASL", "ORACLEVM_OVMSA-2018-0004.NASL", "ORACLEVM_OVMSA-2018-0005.NASL", "ORACLEVM_OVMSA-2018-0006.NASL", "ORACLEVM_OVMSA-2018-0007.NASL", "ORACLEVM_OVMSA-2018-0008.NASL", "ORACLEVM_OVMSA-2018-0010.NASL", "ORACLEVM_OVMSA-2018-0011.NASL", "ORACLEVM_OVMSA-2018-0013.NASL", "ORACLEVM_OVMSA-2018-0015.NASL", "ORACLEVM_OVMSA-2018-0016.NASL", "ORACLEVM_OVMSA-2018-0020.NASL", "ORACLEVM_OVMSA-2018-0021.NASL", "ORACLEVM_OVMSA-2018-0028.NASL", "ORACLEVM_OVMSA-2018-0029.NASL", "ORACLEVM_OVMSA-2018-0033.NASL", "ORACLEVM_OVMSA-2018-0035.NASL", "ORACLEVM_OVMSA-2018-0041.NASL", "ORACLEVM_OVMSA-2018-0218.NASL", "ORACLEVM_OVMSA-2018-0219.NASL", "ORACLEVM_OVMSA-2018-0223.NASL", "ORACLEVM_OVMSA-2018-0224.NASL", "ORACLEVM_OVMSA-2018-0228.NASL", "ORACLEVM_OVMSA-2018-0231.NASL", "ORACLEVM_OVMSA-2018-0232.NASL", "ORACLEVM_OVMSA-2018-0233.NASL", "ORACLEVM_OVMSA-2018-0237.NASL", "ORACLEVM_OVMSA-2018-0238.NASL", "ORACLEVM_OVMSA-2018-0248.NASL", "ORACLEVM_OVMSA-2018-0271.NASL", "ORACLEVM_OVMSA-2018-0272.NASL", "ORACLEVM_OVMSA-2018-0282.NASL", "ORACLEVM_OVMSA-2019-0007.NASL", "ORACLEVM_OVMSA-2019-0035.NASL", "ORACLEVM_OVMSA-2020-0026.NASL", "ORACLEVM_OVMSA-2020-0039.NASL", "ORACLEVM_OVMSA-2020-0044.NASL", "OT_500248.NASL", "PFSENSE_SA-18_03.NASL", "PHOTONOS_PHSA-2018-1_0-0098.NASL", "PHOTONOS_PHSA-2018-1_0-0098_LINUX.NASL", "PHOTONOS_PHSA-2018-1_0-0102.NASL", "PHOTONOS_PHSA-2018-1_0-0102_LINUX.NASL", "PHOTONOS_PHSA-2018-1_0-0151.NASL", "PHOTONOS_PHSA-2018-1_0-0151_LINUX.NASL", "PHOTONOS_PHSA-2018-2_0-0011.NASL", "PHOTONOS_PHSA-2018-2_0-0011_LINUX.NASL", "PHOTONOS_PHSA-2018-2_0-0015.NASL", "PHOTONOS_PHSA-2018-2_0-0015_LINUX.NASL", "PHOTONOS_PHSA-2018-2_0-0049.NASL", "PHOTONOS_PHSA-2018-2_0-0049_LINUX.NASL", "PHOTONOS_PHSA-2018-2_0-0101.NASL", "PHOTONOS_PHSA-2018-2_0-0101_LINUX.NASL", "RANCHEROS_1_1_4.NASL", "RANCHEROS_1_4_1.NASL", "REDHAT-RHSA-2017-0386.NASL", "REDHAT-RHSA-2017-0387.NASL", "REDHAT-RHSA-2017-1615.NASL", "REDHAT-RHSA-2017-1616.NASL", "REDHAT-RHSA-2017-1842.NASL", "REDHAT-RHSA-2017-2077.NASL", "REDHAT-RHSA-2018-0007.NASL", "REDHAT-RHSA-2018-0008.NASL", "REDHAT-RHSA-2018-0009.NASL", "REDHAT-RHSA-2018-0010.NASL", "REDHAT-RHSA-2018-0011.NASL", "REDHAT-RHSA-2018-0012.NASL", "REDHAT-RHSA-2018-0013.NASL", "REDHAT-RHSA-2018-0014.NASL", "REDHAT-RHSA-2018-0015.NASL", "REDHAT-RHSA-2018-0016.NASL", "REDHAT-RHSA-2018-0017.NASL", "REDHAT-RHSA-2018-0018.NASL", "REDHAT-RHSA-2018-0020.NASL", "REDHAT-RHSA-2018-0021.NASL", "REDHAT-RHSA-2018-0022.NASL", "REDHAT-RHSA-2018-0023.NASL", "REDHAT-RHSA-2018-0024.NASL", "REDHAT-RHSA-2018-0025.NASL", "REDHAT-RHSA-2018-0026.NASL", "REDHAT-RHSA-2018-0027.NASL", "REDHAT-RHSA-2018-0028.NASL", "REDHAT-RHSA-2018-0029.NASL", "REDHAT-RHSA-2018-0030.NASL", "REDHAT-RHSA-2018-0031.NASL", "REDHAT-RHSA-2018-0032.NASL", "REDHAT-RHSA-2018-0034.NASL", "REDHAT-RHSA-2018-0035.NASL", "REDHAT-RHSA-2018-0036.NASL", "REDHAT-RHSA-2018-0037.NASL", "REDHAT-RHSA-2018-0038.NASL", "REDHAT-RHSA-2018-0039.NASL", "REDHAT-RHSA-2018-0040.NASL", "REDHAT-RHSA-2018-0044.NASL", "REDHAT-RHSA-2018-0045.NASL", "REDHAT-RHSA-2018-0046.NASL", "REDHAT-RHSA-2018-0047.NASL", "REDHAT-RHSA-2018-0048.NASL", "REDHAT-RHSA-2018-0050.NASL", "REDHAT-RHSA-2018-0051.NASL", "REDHAT-RHSA-2018-0052.NASL", "REDHAT-RHSA-2018-0053.NASL", "REDHAT-RHSA-2018-0093.NASL", "REDHAT-RHSA-2018-0094.NASL", "REDHAT-RHSA-2018-0103.NASL", "REDHAT-RHSA-2018-0104.NASL", "REDHAT-RHSA-2018-0105.NASL", "REDHAT-RHSA-2018-0106.NASL", "REDHAT-RHSA-2018-0107.NASL", "REDHAT-RHSA-2018-0108.NASL", "REDHAT-RHSA-2018-0109.NASL", "REDHAT-RHSA-2018-0110.NASL", "REDHAT-RHSA-2018-0111.NASL", "REDHAT-RHSA-2018-0112.NASL", "REDHAT-RHSA-2018-0151.NASL", "REDHAT-RHSA-2018-0182.NASL", "REDHAT-RHSA-2018-0292.NASL", "REDHAT-RHSA-2018-0395.NASL", "REDHAT-RHSA-2018-0412.NASL", "REDHAT-RHSA-2018-0496.NASL", "REDHAT-RHSA-2018-0512.NASL", "REDHAT-RHSA-2018-0654.NASL", "REDHAT-RHSA-2018-0676.NASL", "REDHAT-RHSA-2018-1062.NASL", "REDHAT-RHSA-2018-1129.NASL", "REDHAT-RHSA-2018-1130.NASL", "REDHAT-RHSA-2018-1216.NASL", "REDHAT-RHSA-2018-1346.NASL", "REDHAT-RHSA-2018-1349.NASL", "REDHAT-RHSA-2018-1350.NASL", "REDHAT-RHSA-2018-1351.NASL", "REDHAT-RHSA-2018-1629.NASL", "REDHAT-RHSA-2018-1630.NASL", "REDHAT-RHSA-2018-1632.NASL", "REDHAT-RHSA-2018-1633.NASL", "REDHAT-RHSA-2018-1635.NASL", "REDHAT-RHSA-2018-1636.NASL", "REDHAT-RHSA-2018-1637.NASL", "REDHAT-RHSA-2018-1638.NASL", "REDHAT-RHSA-2018-1639.NASL", "REDHAT-RHSA-2018-1640.NASL", "REDHAT-RHSA-2018-1641.NASL", "REDHAT-RHSA-2018-1642.NASL", "REDHAT-RHSA-2018-1647.NASL", "REDHAT-RHSA-2018-1648.NASL", "REDHAT-RHSA-2018-1649.NASL", "REDHAT-RHSA-2018-1650.NASL", "REDHAT-RHSA-2018-1651.NASL", "REDHAT-RHSA-2018-1652.NASL", "REDHAT-RHSA-2018-1653.NASL", "REDHAT-RHSA-2018-1654.NASL", "REDHAT-RHSA-2018-1655.NASL", "REDHAT-RHSA-2018-1656.NASL", "REDHAT-RHSA-2018-1657.NASL", "REDHAT-RHSA-2018-1658.NASL", "REDHAT-RHSA-2018-1659.NASL", "REDHAT-RHSA-2018-1660.NASL", "REDHAT-RHSA-2018-1661.NASL", "REDHAT-RHSA-2018-1662.NASL", "REDHAT-RHSA-2018-1663.NASL", "REDHAT-RHSA-2018-1664.NASL", "REDHAT-RHSA-2018-1665.NASL", "REDHAT-RHSA-2018-1666.NASL", "REDHAT-RHSA-2018-1667.NASL", "REDHAT-RHSA-2018-1668.NASL", "REDHAT-RHSA-2018-1669.NASL", "REDHAT-RHSA-2018-1674.NASL", "REDHAT-RHSA-2018-1675.NASL", "REDHAT-RHSA-2018-1676.NASL", "REDHAT-RHSA-2018-1688.NASL", "REDHAT-RHSA-2018-1689.NASL", "REDHAT-RHSA-2018-1690.NASL", "REDHAT-RHSA-2018-1696.NASL", "REDHAT-RHSA-2018-1710.NASL", "REDHAT-RHSA-2018-1711.NASL", "REDHAT-RHSA-2018-1737.NASL", "REDHAT-RHSA-2018-1738.NASL", "REDHAT-RHSA-2018-1826.NASL", "REDHAT-RHSA-2018-1854.NASL", "REDHAT-RHSA-2018-1965.NASL", "REDHAT-RHSA-2018-1967.NASL", "REDHAT-RHSA-2018-1997.NASL", "REDHAT-RHSA-2018-2001.NASL", "REDHAT-RHSA-2018-2003.NASL", "REDHAT-RHSA-2018-2006.NASL", "REDHAT-RHSA-2018-2060.NASL", "REDHAT-RHSA-2018-2161.NASL", "REDHAT-RHSA-2018-2162.NASL", "REDHAT-RHSA-2018-2164.NASL", "REDHAT-RHSA-2018-2216.NASL", "REDHAT-RHSA-2018-2246.NASL", "REDHAT-RHSA-2018-2250.NASL", "REDHAT-RHSA-2018-2309.NASL", "REDHAT-RHSA-2018-2328.NASL", "REDHAT-RHSA-2018-2387.NASL", "REDHAT-RHSA-2018-2394.NASL", "REDHAT-RHSA-2018-2396.NASL", "REDHAT-RHSA-2018-2948.NASL", "REDHAT-RHSA-2018-3396.NASL", "REDHAT-RHSA-2018-3397.NASL", "REDHAT-RHSA-2018-3398.NASL", "REDHAT-RHSA-2018-3399.NASL", "REDHAT-RHSA-2018-3400.NASL", "REDHAT-RHSA-2018-3401.NASL", "REDHAT-RHSA-2018-3402.NASL", "REDHAT-RHSA-2018-3407.NASL", "REDHAT-RHSA-2018-3423.NASL", "REDHAT-RHSA-2018-3424.NASL", "REDHAT-RHSA-2018-3425.NASL", "REDHAT-RHSA-2019-0818.NASL", "REDHAT-RHSA-2019-0833.NASL", "REDHAT-RHSA-2019-1046.NASL", "REDHAT-RHSA-2019-2029.NASL", "REDHAT-RHSA-2019-2043.NASL", "REDHAT-RHSA-2019-2809.NASL", "REDHAT-RHSA-2019-3309.NASL", "REDHAT-RHSA-2019-3517.NASL", "REDHAT-RHSA-2019-3967.NASL", "REDHAT-RHSA-2019-4058.NASL", "REDHAT-RHSA-2020-0036.NASL", "REDHAT-RHSA-2020-0103.NASL", "REDHAT-RHSA-2020-0179.NASL", "REDHAT-RHSA-2022-1975.NASL", "REDHAT-RHSA-2022-1988.NASL", "SLACKWARE_SSA_2018-016-01.NASL", "SLACKWARE_SSA_2018-037-01.NASL", "SLACKWARE_SSA_2018-208-01.NASL", "SLACKWARE_SSA_2019-169-01.NASL", "SL_20170302_KERNEL_ON_SL7_X.NASL", "SL_20170628_KERNEL_ON_SL7_X.NASL", "SL_20180103_KERNEL_ON_SL6_X.NASL", "SL_20180103_KERNEL_ON_SL7_X.NASL", "SL_20180103_MICROCODE_CTL_ON_SL6_X.NASL", "SL_20180103_MICROCODE_CTL_ON_SL7_X.NASL", "SL_20180104_LIBVIRT_ON_SL6_X.NASL", "SL_20180104_LIBVIRT_ON_SL7_X.NASL", "SL_20180104_LINUX_FIRMWARE_ON_SL7_X.NASL", "SL_20180104_QEMU_KVM_ON_SL6_X.NASL", "SL_20180104_QEMU_KVM_ON_SL7_X.NASL", "SL_20180116_LINUX_FIRMWARE_ON_SL7_X.NASL", "SL_20180116_MICROCODE_CTL_ON_SL6_X.NASL", "SL_20180125_KERNEL_ON_SL7_X.NASL", "SL_20180306_KERNEL_ON_SL7_X.NASL", "SL_20180313_KERNEL_ON_SL6_X.NASL", "SL_20180410_KERNEL_ON_SL7_X.NASL", "SL_20180521_JAVA_1_7_0_OPENJDK_ON_SL6_X.NASL", "SL_20180521_QEMU_KVM_ON_SL6_X.NASL", "SL_20180522_JAVA_1_7_0_OPENJDK_ON_SL7_X.NASL", "SL_20180522_JAVA_1_8_0_OPENJDK_ON_SL6_X.NASL", "SL_20180522_JAVA_1_8_0_OPENJDK_ON_SL7_X.NASL", "SL_20180522_KERNEL_ON_SL6_X.NASL", "SL_20180522_KERNEL_ON_SL7_X.NASL", "SL_20180522_LIBVIRT_ON_SL6_X.NASL", "SL_20180522_LIBVIRT_ON_SL7_X.NASL", "SL_20180522_QEMU_KVM_ON_SL7_X.NASL", "SL_20180619_KERNEL_ON_SL6_X.NASL", "SL_20180626_KERNEL_ON_SL7_X.NASL", "SL_20180626_LIBVIRT_ON_SL7_X.NASL", "SL_20180626_QEMU_KVM_ON_SL7_X.NASL", "SL_20180710_KERNEL_ON_SL6_X.NASL", "SL_20180710_QEMU_KVM_ON_SL6_X.NASL", "SL_20190423_KERNEL_ON_SL7_X.NASL", "SL_20190806_KERNEL_ON_SL7_X.NASL", "SMB_ADV180002_MSSQL.NASL", "SMB_NT_MS18_APR_4093112.NASL", "SMB_NT_MS18_AUG_MICROCODE.NASL", "SMB_NT_MS18_FEB_4074590.NASL", "SMB_NT_MS18_FEB_4074591.NASL", "SMB_NT_MS18_FEB_4074592.NASL", "SMB_NT_MS18_FEB_4074596.NASL", "SMB_NT_MS18_JAN_4056888.NASL", "SMB_NT_MS18_JAN_4056890.NASL", "SMB_NT_MS18_JAN_4056891.NASL", "SMB_NT_MS18_JAN_4056892.NASL", "SMB_NT_MS18_JAN_4056893.NASL", "SMB_NT_MS18_JAN_4056897.NASL", "SMB_NT_MS18_JAN_4056898.NASL", "SMB_NT_MS18_MAR_4088875.NASL", "SMB_NT_MS18_MAR_4088876.NASL", "SMB_NT_MS18_MAR_4088877.NASL", "SMB_NT_MS18_SEP_MICROCODE.NASL", "SMB_NT_MS19_FEB_OOB_MICROCODE.NASL", "SMB_NT_MS19_JAN_4480963.NASL", "SMB_NT_MS19_JAN_4480970.NASL", "SMB_NT_MS19_JAN_MICROCODE.NASL", "SMB_NT_MS19_MAR_OOB_MICROCODE.NASL", "SOLARIS_JAN2019_SRU11_4_3_5_0.NASL", "SUSE_SU-2017-0464-1.NASL", "SUSE_SU-2017-0471-1.NASL", "SUSE_SU-2017-0575-1.NASL", "SUSE_SU-2017-2847-1.NASL", "SUSE_SU-2017-2869-1.NASL", "SUSE_SU-2017-2908-1.NASL", "SUSE_SU-2017-2920-1.NASL", "SUSE_SU-2018-0006-1.NASL", "SUSE_SU-2018-0007-1.NASL", "SUSE_SU-2018-0009-1.NASL", "SUSE_SU-2018-0010-1.NASL", "SUSE_SU-2018-0011-1.NASL", "SUSE_SU-2018-0012-1.NASL", "SUSE_SU-2018-0019-1.NASL", "SUSE_SU-2018-0020-1.NASL", "SUSE_SU-2018-0031-1.NASL", "SUSE_SU-2018-0036-1.NASL", "SUSE_SU-2018-0039-1.NASL", "SUSE_SU-2018-0040-1.NASL", "SUSE_SU-2018-0056-1.NASL", "SUSE_SU-2018-0067-1.NASL", "SUSE_SU-2018-0068-1.NASL", "SUSE_SU-2018-0069-1.NASL", "SUSE_SU-2018-0113-1.NASL", "SUSE_SU-2018-0114-1.NASL", "SUSE_SU-2018-0115-1.NASL", "SUSE_SU-2018-0131-1.NASL", "SUSE_SU-2018-0171-1.NASL", "SUSE_SU-2018-0219-1.NASL", "SUSE_SU-2018-0383-1.NASL", "SUSE_SU-2018-0416-1.NASL", "SUSE_SU-2018-0437-1.NASL", "SUSE_SU-2018-0438-1.NASL", "SUSE_SU-2018-0472-1.NASL", "SUSE_SU-2018-0525-1.NASL", "SUSE_SU-2018-0555-1.NASL", "SUSE_SU-2018-0601-1.NASL", "SUSE_SU-2018-0609-1.NASL", "SUSE_SU-2018-0638-1.NASL", "SUSE_SU-2018-0660-1.NASL", "SUSE_SU-2018-0678-1.NASL", "SUSE_SU-2018-0705-1.NASL", "SUSE_SU-2018-0708-1.NASL", "SUSE_SU-2018-0757-1.NASL", "SUSE_SU-2018-0762-1.NASL", "SUSE_SU-2018-0831-1.NASL", "SUSE_SU-2018-0838-1.NASL", "SUSE_SU-2018-0861-1.NASL", "SUSE_SU-2018-0909-1.NASL", "SUSE_SU-2018-0920-1.NASL", "SUSE_SU-2018-1077-1.NASL", "SUSE_SU-2018-1080-1.NASL", "SUSE_SU-2018-1295-1.NASL", "SUSE_SU-2018-1308-1.NASL", "SUSE_SU-2018-1362-1.NASL", "SUSE_SU-2018-1362-2.NASL", "SUSE_SU-2018-1363-1.NASL", "SUSE_SU-2018-1366-1.NASL", "SUSE_SU-2018-1368-1.NASL", "SUSE_SU-2018-1374-1.NASL", "SUSE_SU-2018-1375-1.NASL", "SUSE_SU-2018-1376-1.NASL", "SUSE_SU-2018-1377-1.NASL", "SUSE_SU-2018-1377-2.NASL", "SUSE_SU-2018-1378-1.NASL", "SUSE_SU-2018-1386-1.NASL", "SUSE_SU-2018-1389-1.NASL", "SUSE_SU-2018-1452-1.NASL", "SUSE_SU-2018-1456-1.NASL", "SUSE_SU-2018-1475-1.NASL", "SUSE_SU-2018-1479-1.NASL", "SUSE_SU-2018-1498-1.NASL", "SUSE_SU-2018-1503-1.NASL", "SUSE_SU-2018-1582-1.NASL", "SUSE_SU-2018-1603-1.NASL", "SUSE_SU-2018-1614-1.NASL", "SUSE_SU-2018-1614-2.NASL", "SUSE_SU-2018-1658-1.NASL", "SUSE_SU-2018-1699-1.NASL", "SUSE_SU-2018-1699-2.NASL", "SUSE_SU-2018-1759-1.NASL", "SUSE_SU-2018-1772-1.NASL", "SUSE_SU-2018-1784-1.NASL", "SUSE_SU-2018-1926-1.NASL", "SUSE_SU-2018-1935-1.NASL", "SUSE_SU-2018-1935-2.NASL", "SUSE_SU-2018-2076-1.NASL", "SUSE_SU-2018-2082-1.NASL", "SUSE_SU-2018-2092-1.NASL", "SUSE_SU-2018-2141-1.NASL", "SUSE_SU-2018-2304-1.NASL", "SUSE_SU-2018-2331-1.NASL", "SUSE_SU-2018-2331-2.NASL", "SUSE_SU-2018-2335-1.NASL", "SUSE_SU-2018-2338-1.NASL", "SUSE_SU-2018-2340-1.NASL", "SUSE_SU-2018-2341-1.NASL", "SUSE_SU-2018-2342-1.NASL", "SUSE_SU-2018-2345-1.NASL", "SUSE_SU-2018-2346-1.NASL", "SUSE_SU-2018-2347-1.NASL", "SUSE_SU-2018-2348-1.NASL", "SUSE_SU-2018-2349-1.NASL", "SUSE_SU-2018-2350-1.NASL", "SUSE_SU-2018-2351-1.NASL", "SUSE_SU-2018-2352-1.NASL", "SUSE_SU-2018-2353-1.NASL", "SUSE_SU-2018-2354-1.NASL", "SUSE_SU-2018-2355-1.NASL", "SUSE_SU-2018-2356-1.NASL", "SUSE_SU-2018-2358-1.NASL", "SUSE_SU-2018-2359-1.NASL", "SUSE_SU-2018-2363-1.NASL", "SUSE_SU-2018-2364-1.NASL", "SUSE_SU-2018-2367-1.NASL", "SUSE_SU-2018-2368-1.NASL", "SUSE_SU-2018-2369-1.NASL", "SUSE_SU-2018-2387-1.NASL", "SUSE_SU-2018-2389-1.NASL", "SUSE_SU-2018-2391-1.NASL", "SUSE_SU-2018-2416-1.NASL", "SUSE_SU-2018-2528-1.NASL", "SUSE_SU-2018-2539-1.NASL", "SUSE_SU-2018-2556-1.NASL", "SUSE_SU-2018-2565-1.NASL", "SUSE_SU-2018-2615-1.NASL", "SUSE_SU-2018-2631-1.NASL", "SUSE_SU-2018-2631-2.NASL", "SUSE_SU-2018-2650-1.NASL", "SUSE_SU-2018-2684-1.NASL", "SUSE_SU-2018-2908-1.NASL", "SUSE_SU-2018-2973-1.NASL", "SUSE_SU-2018-2973-2.NASL", "SUSE_SU-2018-3064-1.NASL", "SUSE_SU-2018-3064-2.NASL", "SUSE_SU-2018-3083-1.NASL", "SUSE_SU-2018-3084-1.NASL", "SUSE_SU-2018-3555-1.NASL", "SUSE_SU-2019-0049-1.NASL", "SUSE_SU-2019-0148-1.NASL", "SUSE_SU-2019-0541-1.NASL", "SUSE_SU-2019-0645-1.NASL", "SUSE_SU-2019-0672-1.NASL", "SUSE_SU-2019-0683-1.NASL", "SUSE_SU-2019-0709-1.NASL", "SUSE_SU-2019-0722-1.NASL", "SUSE_SU-2019-0765-1.NASL", "SUSE_SU-2019-0767-1.NASL", "SUSE_SU-2019-0784-1.NASL", "SUSE_SU-2019-0828-1.NASL", "SUSE_SU-2019-0901-1.NASL", "SUSE_SU-2019-1211-1.NASL", "SUSE_SU-2019-1211-2.NASL", "SUSE_SU-2019-1219-1.NASL", "SUSE_SU-2019-1287-1.NASL", "SUSE_SU-2019-1289-1.NASL", "SUSE_SU-2019-13979-1.NASL", "SUSE_SU-2019-13999-1.NASL", "SUSE_SU-2019-2028-1.NASL", "SUSE_SU-2020-2540-1.NASL", "SUSE_SU-2021-3007-1.NASL", "SUSE_SU-2021-3969-1.NASL", "SUSE_SU-2022-0931-1.NASL", "SUSE_SU-2022-0939-1.NASL", "SUSE_SU-2022-0940-1.NASL", "SUSE_SU-2022-1285-1.NASL", "SUSE_SU-2022-1300-1.NASL", "SUSE_SU-2022-1359-1.NASL", "SUSE_SU-2022-1375-1.NASL", "SUSE_SU-2022-1408-1.NASL", "TENABLE_OT_SIEMENS_CVE-2018-3639.NASL", "UBUNTU_USN-2978-1.NASL", "UBUNTU_USN-2978-2.NASL", "UBUNTU_USN-2979-1.NASL", "UBUNTU_USN-2979-2.NASL", "UBUNTU_USN-3161-1.NASL", "UBUNTU_USN-3161-2.NASL", "UBUNTU_USN-3161-3.NASL", "UBUNTU_USN-3161-4.NASL", "UBUNTU_USN-3162-1.NASL", "UBUNTU_USN-3162-2.NASL", "UBUNTU_USN-3208-1.NASL", "UBUNTU_USN-3208-2.NASL", "UBUNTU_USN-3361-1.NASL", "UBUNTU_USN-3468-1.NASL", "UBUNTU_USN-3468-2.NASL", "UBUNTU_USN-3468-3.NASL", "UBUNTU_USN-3516-1.NASL", "UBUNTU_USN-3530-1.NASL", "UBUNTU_USN-3531-1.NASL", "UBUNTU_USN-3531-2.NASL", "UBUNTU_USN-3531-3.NASL", "UBUNTU_USN-3540-1.NASL", "UBUNTU_USN-3540-2.NASL", "UBUNTU_USN-3541-1.NASL", "UBUNTU_USN-3541-2.NASL", "UBUNTU_USN-3542-1.NASL", "UBUNTU_USN-3549-1.NASL", "UBUNTU_USN-3560-1.NASL", "UBUNTU_USN-3561-1.NASL", "UBUNTU_USN-3581-1.NASL", "UBUNTU_USN-3581-2.NASL", "UBUNTU_USN-3582-1.NASL", "UBUNTU_USN-3582-2.NASL", "UBUNTU_USN-3594-1.NASL", "UBUNTU_USN-3597-1.NASL", "UBUNTU_USN-3597-2.NASL", "UBUNTU_USN-3617-1.NASL", "UBUNTU_USN-3617-2.NASL", "UBUNTU_USN-3617-3.NASL", "UBUNTU_USN-3619-1.NASL", "UBUNTU_USN-3619-2.NASL", "UBUNTU_USN-3620-1.NASL", "UBUNTU_USN-3632-1.NASL", "UBUNTU_USN-3652-1.NASL", "UBUNTU_USN-3653-1.NASL", "UBUNTU_USN-3653-2.NASL", "UBUNTU_USN-3654-1.NASL", "UBUNTU_USN-3654-2.NASL", "UBUNTU_USN-3655-1.NASL", "UBUNTU_USN-3679-1.NASL", "UBUNTU_USN-3680-1.NASL", "UBUNTU_USN-3690-1.NASL", "UBUNTU_USN-3690-2.NASL", "UBUNTU_USN-3754-1.NASL", "UBUNTU_USN-3756-1.NASL", "UBUNTU_USN-3777-1.NASL", "UBUNTU_USN-3777-2.NASL", "UBUNTU_USN-3777-3.NASL", "UBUNTU_USN-3930-1.NASL", "UBUNTU_USN-3930-2.NASL", "UBUNTU_USN-3931-1.NASL", "UBUNTU_USN-3931-2.NASL", "UBUNTU_USN-3932-1.NASL", "UBUNTU_USN-3932-2.NASL", "UBUNTU_USN-3933-1.NASL", "UBUNTU_USN-5415-1.NASL", "UBUNTU_USN-5417-1.NASL", "UBUNTU_USN-5418-1.NASL", "VIRTUALBOX_5_2_6.NASL", "VIRTUOZZO_VZA-2017-004.NASL", "VIRTUOZZO_VZA-2018-002.NASL", "VIRTUOZZO_VZA-2018-003.NASL", "VIRTUOZZO_VZA-2018-006.NASL", "VIRTUOZZO_VZA-2018-033.NASL", "VIRTUOZZO_VZA-2018-034.NASL", "VIRTUOZZO_VZA-2018-037.NASL", "VIRTUOZZO_VZA-2018-048.NASL", "VIRTUOZZO_VZA-2019-042.NASL", "VIRTUOZZO_VZA-2019-045.NASL", "VIRTUOZZO_VZA-2019-046.NASL", "VIRTUOZZO_VZLSA-2017-0386.NASL", "VMWARE_ESXI_VMSA-2017-0021.NASL", "VMWARE_ESXI_VMSA-2018-0004.NASL", "VMWARE_ESXI_VMSA-2018-0012.NASL", "VMWARE_PLAYER_WIN_VMSA_2017_0021.NASL", "VMWARE_PLAYER_WIN_VMSA_2018_0004.NASL", "VMWARE_VCENTER_VMSA-2018-0004.NASL", "VMWARE_VMSA-2018-0002.NASL", "VMWARE_VMSA-2018-0004.NASL", "VMWARE_VMSA-2018-0012.NASL", "VMWARE_WORKSTATION_WIN_VMSA_2017_0021.NASL", "VMWARE_WORKSTATION_WIN_VMSA_2018_0004.NASL", "XEN_SERVER_XSA-254.NASL"]}, {"type": "nvidia", "idList": ["NVIDIA:4609", "NVIDIA:4610", "NVIDIA:4611", "NVIDIA:4613", "NVIDIA:4614", "NVIDIA:4616", "NVIDIA:4617", "NVIDIA:4704", "NVIDIA:4787"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310107830", "OPENVAS:1361412562310107832", "OPENVAS:1361412562310108766", "OPENVAS:1361412562310108767", "OPENVAS:1361412562310703791", "OPENVAS:1361412562310703981", "OPENVAS:1361412562310704073", "OPENVAS:1361412562310704082", "OPENVAS:1361412562310704120", "OPENVAS:1361412562310704179", "OPENVAS:1361412562310704187", "OPENVAS:1361412562310704188", "OPENVAS:1361412562310704210", "OPENVAS:1361412562310704213", "OPENVAS:1361412562310704273", "OPENVAS:1361412562310704469", "OPENVAS:1361412562310808303", "OPENVAS:1361412562310808336", "OPENVAS:1361412562310808429", "OPENVAS:1361412562310810127", "OPENVAS:1361412562310810159", "OPENVAS:1361412562310812284", "OPENVAS:1361412562310812289", "OPENVAS:1361412562310812290", "OPENVAS:1361412562310812291", "OPENVAS:1361412562310812292", "OPENVAS:1361412562310812293", "OPENVAS:1361412562310812294", "OPENVAS:1361412562310812295", "OPENVAS:1361412562310812296", "OPENVAS:1361412562310812384", "OPENVAS:1361412562310812386", "OPENVAS:1361412562310812397", "OPENVAS:1361412562310812398", "OPENVAS:1361412562310812399", "OPENVAS:1361412562310812600", "OPENVAS:1361412562310812601", "OPENVAS:1361412562310812602", "OPENVAS:1361412562310812603", "OPENVAS:1361412562310812604", "OPENVAS:1361412562310812605", "OPENVAS:1361412562310812629", "OPENVAS:1361412562310812641", "OPENVAS:1361412562310812642", "OPENVAS:1361412562310812643", "OPENVAS:1361412562310812678", "OPENVAS:1361412562310812740", "OPENVAS:1361412562310813652", "OPENVAS:1361412562310814014", "OPENVAS:1361412562310814340", "OPENVAS:1361412562310814341", "OPENVAS:1361412562310814342", "OPENVAS:1361412562310814344", "OPENVAS:1361412562310814345", "OPENVAS:1361412562310814425", "OPENVAS:1361412562310814649", "OPENVAS:1361412562310814650", "OPENVAS:1361412562310815020", "OPENVAS:1361412562310815033", "OPENVAS:1361412562310815034", "OPENVAS:1361412562310842746", "OPENVAS:1361412562310842751", "OPENVAS:1361412562310842754", "OPENVAS:1361412562310842761", "OPENVAS:1361412562310842997", "OPENVAS:1361412562310842998", "OPENVAS:1361412562310842999", "OPENVAS:1361412562310843000", "OPENVAS:1361412562310843001", "OPENVAS:1361412562310843004", "OPENVAS:1361412562310843061", "OPENVAS:1361412562310843062", "OPENVAS:1361412562310843249", "OPENVAS:1361412562310843352", "OPENVAS:1361412562310843353", "OPENVAS:1361412562310843356", "OPENVAS:1361412562310843405", "OPENVAS:1361412562310843419", "OPENVAS:1361412562310843420", "OPENVAS:1361412562310843423", "OPENVAS:1361412562310843424", "OPENVAS:1361412562310843426", "OPENVAS:1361412562310843427", "OPENVAS:1361412562310843428", "OPENVAS:1361412562310843429", "OPENVAS:1361412562310843436", "OPENVAS:1361412562310843442", "OPENVAS:1361412562310843443", "OPENVAS:1361412562310843455", "OPENVAS:1361412562310843457", "OPENVAS:1361412562310843458", "OPENVAS:1361412562310843459", "OPENVAS:1361412562310843472", "OPENVAS:1361412562310843473", "OPENVAS:1361412562310843474", "OPENVAS:1361412562310843492", "OPENVAS:1361412562310843493", "OPENVAS:1361412562310843496", "OPENVAS:1361412562310843497", "OPENVAS:1361412562310843498", "OPENVAS:1361412562310843500", "OPENVAS:1361412562310843509", "OPENVAS:1361412562310843528", "OPENVAS:1361412562310843529", "OPENVAS:1361412562310843530", "OPENVAS:1361412562310843531", "OPENVAS:1361412562310843532", "OPENVAS:1361412562310843533", "OPENVAS:1361412562310843557", "OPENVAS:1361412562310843558", "OPENVAS:1361412562310843567", "OPENVAS:1361412562310843581", "OPENVAS:1361412562310843628", "OPENVAS:1361412562310843629", "OPENVAS:1361412562310843644", "OPENVAS:1361412562310843647", "OPENVAS:1361412562310843664", "OPENVAS:1361412562310843781", "OPENVAS:1361412562310843799", "OPENVAS:1361412562310843951", "OPENVAS:1361412562310843952", "OPENVAS:1361412562310843953", "OPENVAS:1361412562310843954", "OPENVAS:1361412562310843957", "OPENVAS:1361412562310843959", "OPENVAS:1361412562310843960", "OPENVAS:1361412562310851449", "OPENVAS:1361412562310851506", "OPENVAS:1361412562310851529", "OPENVAS:1361412562310851578", "OPENVAS:1361412562310851628", "OPENVAS:1361412562310851629", "OPENVAS:1361412562310851673", "OPENVAS:1361412562310851674", "OPENVAS:1361412562310851676", "OPENVAS:1361412562310851677", "OPENVAS:1361412562310851678", "OPENVAS:1361412562310851680", "OPENVAS:1361412562310851681", "OPENVAS:1361412562310851686", "OPENVAS:1361412562310851693", "OPENVAS:1361412562310851698", "OPENVAS:1361412562310851704", "OPENVAS:1361412562310851716", "OPENVAS:1361412562310851722", "OPENVAS:1361412562310851724", "OPENVAS:1361412562310851730", "OPENVAS:1361412562310851756", "OPENVAS:1361412562310851762", "OPENVAS:1361412562310851773", "OPENVAS:1361412562310851776", "OPENVAS:1361412562310851782", "OPENVAS:1361412562310851795", "OPENVAS:1361412562310851811", "OPENVAS:1361412562310851854", "OPENVAS:1361412562310851858", "OPENVAS:1361412562310851869", "OPENVAS:1361412562310851935", "OPENVAS:1361412562310851952", "OPENVAS:1361412562310851978", "OPENVAS:1361412562310851987", "OPENVAS:1361412562310851999", "OPENVAS:1361412562310852029", "OPENVAS:1361412562310852050", "OPENVAS:1361412562310852055", "OPENVAS:1361412562310852087", "OPENVAS:1361412562310852118", "OPENVAS:1361412562310852228", "OPENVAS:1361412562310852305", "OPENVAS:1361412562310852327", "OPENVAS:1361412562310852506", "OPENVAS:1361412562310852515", "OPENVAS:1361412562310852516", "OPENVAS:1361412562310871768", "OPENVAS:1361412562310871838", "OPENVAS:1361412562310871927", "OPENVAS:1361412562310872292", "OPENVAS:1361412562310872293", "OPENVAS:1361412562310873947", "OPENVAS:1361412562310873948", "OPENVAS:1361412562310874007", "OPENVAS:1361412562310874035", "OPENVAS:1361412562310874365", "OPENVAS:1361412562310874366", "OPENVAS:1361412562310874400", "OPENVAS:1361412562310874427", "OPENVAS:1361412562310874600", "OPENVAS:1361412562310874606", "OPENVAS:1361412562310874611", "OPENVAS:1361412562310874619", "OPENVAS:1361412562310874620", "OPENVAS:1361412562310874623", "OPENVAS:1361412562310874639", "OPENVAS:1361412562310874647", "OPENVAS:1361412562310874659", "OPENVAS:1361412562310874675", "OPENVAS:1361412562310874695", "OPENVAS:1361412562310874710", "OPENVAS:1361412562310874719", "OPENVAS:1361412562310874720", "OPENVAS:1361412562310874721", "OPENVAS:1361412562310874731", "OPENVAS:1361412562310874751", "OPENVAS:1361412562310874755", "OPENVAS:1361412562310874757", "OPENVAS:1361412562310874761", "OPENVAS:1361412562310874763", "OPENVAS:1361412562310874779", "OPENVAS:1361412562310874786", "OPENVAS:1361412562310874801", "OPENVAS:1361412562310874805", "OPENVAS:1361412562310874813", "OPENVAS:1361412562310874871", "OPENVAS:1361412562310874886", "OPENVAS:1361412562310874890", "OPENVAS:1361412562310874908", "OPENVAS:1361412562310874919", "OPENVAS:1361412562310874964", "OPENVAS:1361412562310874965", "OPENVAS:1361412562310874988", "OPENVAS:1361412562310874998", "OPENVAS:1361412562310875004", "OPENVAS:1361412562310875005", "OPENVAS:1361412562310875010", "OPENVAS:1361412562310875025", "OPENVAS:1361412562310875066", "OPENVAS:1361412562310875092", "OPENVAS:1361412562310875099", "OPENVAS:1361412562310875128", "OPENVAS:1361412562310875131", "OPENVAS:1361412562310875162", "OPENVAS:1361412562310875170", "OPENVAS:1361412562310875189", "OPENVAS:1361412562310875201", "OPENVAS:1361412562310875247", "OPENVAS:1361412562310875255", "OPENVAS:1361412562310875287", "OPENVAS:1361412562310875303", "OPENVAS:1361412562310875330", "OPENVAS:1361412562310875334", "OPENVAS:1361412562310875349", "OPENVAS:1361412562310875369", "OPENVAS:1361412562310875407", "OPENVAS:1361412562310875414", "OPENVAS:1361412562310875423", "OPENVAS:1361412562310875438", "OPENVAS:1361412562310875443", "OPENVAS:1361412562310875458", "OPENVAS:1361412562310875459", "OPENVAS:1361412562310875460", "OPENVAS:1361412562310875475", "OPENVAS:1361412562310875476", "OPENVAS:1361412562310875506", "OPENVAS:1361412562310875528", "OPENVAS:1361412562310875559", "OPENVAS:1361412562310875566", "OPENVAS:1361412562310875577", "OPENVAS:1361412562310875589", "OPENVAS:1361412562310875628", "OPENVAS:1361412562310875629", "OPENVAS:1361412562310875681", "OPENVAS:1361412562310875786", "OPENVAS:1361412562310875834", "OPENVAS:1361412562310875869", "OPENVAS:1361412562310875952", "OPENVAS:1361412562310876049", "OPENVAS:1361412562310876105", "OPENVAS:1361412562310876143", "OPENVAS:1361412562310876177", "OPENVAS:1361412562310876300", "OPENVAS:1361412562310876322", "OPENVAS:1361412562310876361", "OPENVAS:1361412562310876377", "OPENVAS:1361412562310876390", "OPENVAS:1361412562310876392", "OPENVAS:1361412562310876423", "OPENVAS:1361412562310876445", "OPENVAS:1361412562310876479", "OPENVAS:1361412562310876510", "OPENVAS:1361412562310876555", "OPENVAS:1361412562310876586", "OPENVAS:1361412562310876621", "OPENVAS:1361412562310876661", "OPENVAS:1361412562310876666", "OPENVAS:1361412562310876750", "OPENVAS:1361412562310876869", "OPENVAS:1361412562310876935", "OPENVAS:1361412562310876943", "OPENVAS:1361412562310876995", "OPENVAS:1361412562310882673", "OPENVAS:1361412562310882747", "OPENVAS:1361412562310882820", "OPENVAS:1361412562310882821", "OPENVAS:1361412562310882822", "OPENVAS:1361412562310882823", "OPENVAS:1361412562310882824", "OPENVAS:1361412562310882827", "OPENVAS:1361412562310882828", "OPENVAS:1361412562310882829", "OPENVAS:1361412562310882836", "OPENVAS:1361412562310882849", "OPENVAS:1361412562310882855", "OPENVAS:1361412562310882880", "OPENVAS:1361412562310882881", "OPENVAS:1361412562310882882", "OPENVAS:1361412562310882883", "OPENVAS:1361412562310882884", "OPENVAS:1361412562310882885", "OPENVAS:1361412562310882886", "OPENVAS:1361412562310882887", "OPENVAS:1361412562310882888", "OPENVAS:1361412562310882890", "OPENVAS:1361412562310882914", "OPENVAS:1361412562310882915", "OPENVAS:1361412562310882917", "OPENVAS:1361412562310882923", "OPENVAS:1361412562310882924", "OPENVAS:1361412562310883045", "OPENVAS:1361412562310891232", "OPENVAS:1361412562310891349", "OPENVAS:1361412562310891369", "OPENVAS:1361412562310891422", "OPENVAS:1361412562310891446", "OPENVAS:1361412562310891497", "OPENVAS:1361412562310891506", "OPENVAS:1361412562310891715", "OPENVAS:1361412562310891731", "OPENVAS:1361412562310891771", "OPENVAS:1361412562310892148", "OPENVAS:1361412562310910000", "OPENVAS:1361412562310910001", "OPENVAS:1361412562311220181001", "OPENVAS:1361412562311220181002", "OPENVAS:1361412562311220181014", "OPENVAS:1361412562311220181015", "OPENVAS:1361412562311220181016", "OPENVAS:1361412562311220181017", "OPENVAS:1361412562311220181020", "OPENVAS:1361412562311220181021", "OPENVAS:1361412562311220181153", "OPENVAS:1361412562311220181192", "OPENVAS:1361412562311220181193", "OPENVAS:1361412562311220181194", "OPENVAS:1361412562311220181195", "OPENVAS:1361412562311220181196", "OPENVAS:1361412562311220181197", "OPENVAS:1361412562311220181200", "OPENVAS:1361412562311220181201", "OPENVAS:1361412562311220181233", "OPENVAS:1361412562311220181236", "OPENVAS:1361412562311220181265", "OPENVAS:1361412562311220181267", "OPENVAS:1361412562311220181269", "OPENVAS:1361412562311220181270", "OPENVAS:1361412562311220181271", "OPENVAS:1361412562311220191076", "OPENVAS:1361412562311220191255", "OPENVAS:1361412562311220191302", "OPENVAS:1361412562311220191369", "OPENVAS:1361412562311220191370", "OPENVAS:1361412562311220191372", "OPENVAS:1361412562311220191450", "OPENVAS:1361412562311220191496", "OPENVAS:1361412562311220191498", "OPENVAS:1361412562311220191502", "OPENVAS:1361412562311220191512", "OPENVAS:1361412562311220191515", "OPENVAS:1361412562311220191519", "OPENVAS:1361412562311220191520", "OPENVAS:1361412562311220191521", "OPENVAS:1361412562311220191525", "OPENVAS:1361412562311220191526", "OPENVAS:1361412562311220191531", "OPENVAS:1361412562311220191534", "OPENVAS:1361412562311220191538", "OPENVAS:1361412562311220191587", "OPENVAS:1361412562311220191637", "OPENVAS:1361412562311220191638", "OPENVAS:1361412562311220191793", "OPENVAS:1361412562311220192201", "OPENVAS:1361412562311220192274", "OPENVAS:1361412562311220192468", "OPENVAS:703791"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2018", "ORACLE:CPUAPR2018-3678067", "ORACLE:CPUJAN2018", "ORACLE:CPUJAN2018-3236628", "ORACLE:CPUJAN2019", "ORACLE:CPUJAN2019-5072801", "ORACLE:CPUJUL2018", "ORACLE:CPUJUL2018-4258247", "ORACLE:CPUJUL2019", "ORACLE:CPUJUL2019-5072835", "ORACLE:CPUJUL2020", "ORACLE:CPUOCT2018", "ORACLE:CPUOCT2018-4428296"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-0386", "ELSA-2017-0386-1", "ELSA-2017-1615", "ELSA-2017-1615-1", "ELSA-2017-3514", "ELSA-2017-3539", "ELSA-2017-3566", "ELSA-2017-3567", "ELSA-2017-3609", "ELSA-2018-0007", "ELSA-2018-0008", "ELSA-2018-0012", "ELSA-2018-0013", "ELSA-2018-0023", "ELSA-2018-0024", "ELSA-2018-0029", "ELSA-2018-0030", "ELSA-2018-0093", "ELSA-2018-0151", "ELSA-2018-0169", "ELSA-2018-0395", "ELSA-2018-0816", "ELSA-2018-1062", "ELSA-2018-1196-1", "ELSA-2018-1629", "ELSA-2018-1632", "ELSA-2018-1633", "ELSA-2018-1647", "ELSA-2018-1648", "ELSA-2018-1649", "ELSA-2018-1650", "ELSA-2018-1651", "ELSA-2018-1660", "ELSA-2018-1669", "ELSA-2018-1854", "ELSA-2018-1929", "ELSA-2018-1965", "ELSA-2018-1997", "ELSA-2018-2001", "ELSA-2018-2162", "ELSA-2018-2164", "ELSA-2018-2283", "ELSA-2018-2286", "ELSA-2018-4004", "ELSA-2018-4006", "ELSA-2018-4011", "ELSA-2018-4012", "ELSA-2018-4018", "ELSA-2018-4019", "ELSA-2018-4020", "ELSA-2018-4021", "ELSA-2018-4022", "ELSA-2018-4062", "ELSA-2018-4071", "ELSA-2018-4088", "ELSA-2018-4089", "ELSA-2018-4108", "ELSA-2018-4109", "ELSA-2018-4110", "ELSA-2018-4114", "ELSA-2018-4126", "ELSA-2018-4134", "ELSA-2018-4164", "ELSA-2018-4172", "ELSA-2018-4198", "ELSA-2018-4235", "ELSA-2018-4285", "ELSA-2018-4289", "ELSA-2018-4300", "ELSA-2018-4301", "ELSA-2019-0416", "ELSA-2019-0435", "ELSA-2019-0818", "ELSA-2019-2029", "ELSA-2019-3517", "ELSA-2019-4316", "ELSA-2019-4531", "ELSA-2019-4585", "ELSA-2019-4612", "ELSA-2019-4630", "ELSA-2019-4668", "ELSA-2019-4702", "ELSA-2019-4710", "ELSA-2019-4732", "ELSA-2019-4785", "ELSA-2020-0157", "ELSA-2020-0196", "ELSA-2020-0202", "ELSA-2020-0279", "ELSA-2020-5861", "ELSA-2020-5866", "ELSA-2021-9034"]}, {"type": "osv", "idList": ["OSV:DLA-1232-1", "OSV:DLA-1349-1", "OSV:DLA-1362-1", "OSV:DLA-1369-1", "OSV:DLA-1422-1", "OSV:DLA-1422-2", "OSV:DLA-1423-1", "OSV:DLA-1446-1", "OSV:DLA-1497-1", "OSV:DLA-1529-1", "OSV:DLA-1715-1", "OSV:DLA-1731-1", "OSV:DLA-1771-1", "OSV:DLA-2148-1", "OSV:DLA-2323-1", "OSV:DLA-2743-1", "OSV:DSA-3791-1", "OSV:DSA-3981-1", "OSV:DSA-4073-1", "OSV:DSA-4082-1", "OSV:DSA-4120-1", "OSV:DSA-4120-2", "OSV:DSA-4179-1", "OSV:DSA-4187-1", "OSV:DSA-4188-1", "OSV:DSA-4201-1", "OSV:DSA-4210-1", "OSV:DSA-4213-1", "OSV:DSA-4273-1", "OSV:DSA-4273-2", "OSV:DSA-4469-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:145645"]}, {"type": "paloalto", "idList": ["PAN-SA-2018-0001", "PAN-SA-2018-0002"]}, {"type": "photon", "idList": ["PHSA-2017-0026", "PHSA-2017-0078", "PHSA-2017-0091", "PHSA-2018-0011", "PHSA-2018-0015", "PHSA-2018-0049", "PHSA-2018-0062", "PHSA-2018-0098", "PHSA-2018-0101", "PHSA-2018-0102", "PHSA-2018-0151", "PHSA-2018-0153", "PHSA-2018-1.0-0098", "PHSA-2018-1.0-0102", "PHSA-2018-1.0-0151", "PHSA-2018-2.0-0015", "PHSA-2018-2.0-0049", "PHSA-2018-2.0-0101", "PHSA-2019-0007", "PHSA-2019-0142", "PHSA-2019-0221", "PHSA-2019-0224", "PHSA-2019-1.0-0221", "PHSA-2019-1.0-0224", "PHSA-2019-2.0-0142"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:02EAB5AF6104A4960F7E3B105CD50FA1", "QUALYSBLOG:3ACE52E54FF5FE3EF1B0FC328181FA66", "QUALYSBLOG:60F322EED1370D8159A8C18F6128C93D", "QUALYSBLOG:832B33D45F45271E91CA6542BC9CFD59", "QUALYSBLOG:9BA334FCEF38374A0B09A0614B2D74D4", "QUALYSBLOG:BD020D07BF02B0790C62701D997BFD4D", "QUALYSBLOG:C9F2432F760D960CF69CDC55D87263A8", "QUALYSBLOG:D893D4DFB7141FDAD0BE869440074392", "QUALYSBLOG:E761CF659F35F9F5C29FB50D76B98C3E", "QUALYSBLOG:F7C32BA5E6651A8CE3584BB84A88A0C0", "QUALYSBLOG:F8AA5B21D90BCDD30391A24D6FD47892"]}, {"type": "redhat", "idList": ["RHSA-2017:0386", "RHSA-2017:0387", "RHSA-2017:1615", "RHSA-2017:1616", "RHSA-2017:1842", "RHSA-2017:2077", "RHSA-2018:0007", "RHSA-2018:0008", "RHSA-2018:0009", "RHSA-2018:0010", "RHSA-2018:0011", "RHSA-2018:0012", "RHSA-2018:0013", "RHSA-2018:0014", "RHSA-2018:0015", "RHSA-2018:0016", "RHSA-2018:0017", "RHSA-2018:0018", "RHSA-2018:0020", "RHSA-2018:0021", "RHSA-2018:0022", "RHSA-2018:0023", "RHSA-2018:0024", "RHSA-2018:0025", "RHSA-2018:0026", "RHSA-2018:0027", "RHSA-2018:0028", "RHSA-2018:0029", "RHSA-2018:0030", "RHSA-2018:0031", "RHSA-2018:0032", "RHSA-2018:0034", "RHSA-2018:0035", "RHSA-2018:0036", "RHSA-2018:0037", "RHSA-2018:0038", "RHSA-2018:0039", "RHSA-2018:0040", "RHSA-2018:0044", "RHSA-2018:0045", "RHSA-2018:0046", "RHSA-2018:0047", "RHSA-2018:0048", "RHSA-2018:0049", "RHSA-2018:0050", "RHSA-2018:0051", "RHSA-2018:0052", "RHSA-2018:0053", "RHSA-2018:0054", "RHSA-2018:0055", "RHSA-2018:0056", "RHSA-2018:0057", "RHSA-2018:0058", "RHSA-2018:0059", "RHSA-2018:0060", "RHSA-2018:0089", "RHSA-2018:0090", "RHSA-2018:0091", "RHSA-2018:0092", "RHSA-2018:0093", "RHSA-2018:0094", "RHSA-2018:0103", "RHSA-2018:0104", "RHSA-2018:0105", "RHSA-2018:0106", "RHSA-2018:0107", "RHSA-2018:0108", "RHSA-2018:0109", "RHSA-2018:0110", "RHSA-2018:0111", "RHSA-2018:0112", "RHSA-2018:0151", "RHSA-2018:0182", "RHSA-2018:0292", "RHSA-2018:0395", "RHSA-2018:0412", "RHSA-2018:0496", "RHSA-2018:0512", "RHSA-2018:0654", "RHSA-2018:0676", "RHSA-2018:1062", "RHSA-2018:1129", "RHSA-2018:1130", "RHSA-2018:1196", "RHSA-2018:1216", "RHSA-2018:1252", "RHSA-2018:1319", "RHSA-2018:1346", "RHSA-2018:1349", "RHSA-2018:1350", "RHSA-2018:1351", "RHSA-2018:1629", "RHSA-2018:1630", "RHSA-2018:1632", "RHSA-2018:1633", "RHSA-2018:1635", "RHSA-2018:1636", "RHSA-2018:1637", "RHSA-2018:1638", "RHSA-2018:1639", "RHSA-2018:1640", "RHSA-2018:1641", "RHSA-2018:1642", "RHSA-2018:1643", "RHSA-2018:1644", "RHSA-2018:1645", "RHSA-2018:1646", "RHSA-2018:1647", "RHSA-2018:1648", "RHSA-2018:1649", "RHSA-2018:1650", "RHSA-2018:1651", "RHSA-2018:1652", "RHSA-2018:1653", "RHSA-2018:1654", "RHSA-2018:1655", "RHSA-2018:1656", "RHSA-2018:1657", "RHSA-2018:1658", "RHSA-2018:1659", "RHSA-2018:1660", "RHSA-2018:1661", "RHSA-2018:1662", "RHSA-2018:1663", "RHSA-2018:1664", "RHSA-2018:1665", "RHSA-2018:1666", "RHSA-2018:1667", "RHSA-2018:1668", "RHSA-2018:1669", "RHSA-2018:1674", "RHSA-2018:1675", "RHSA-2018:1676", "RHSA-2018:1686", "RHSA-2018:1688", "RHSA-2018:1689", "RHSA-2018:1690", "RHSA-2018:1696", "RHSA-2018:1710", "RHSA-2018:1711", "RHSA-2018:1737", "RHSA-2018:1738", "RHSA-2018:1826", "RHSA-2018:1854", "RHSA-2018:1965", "RHSA-2018:1967", "RHSA-2018:1997", "RHSA-2018:2001", "RHSA-2018:2003", "RHSA-2018:2006", "RHSA-2018:2060", "RHSA-2018:2161", "RHSA-2018:2162", "RHSA-2018:2164", "RHSA-2018:2171", "RHSA-2018:2172", "RHSA-2018:2216", "RHSA-2018:2228", "RHSA-2018:2246", "RHSA-2018:2250", "RHSA-2018:2258", "RHSA-2018:2289", "RHSA-2018:2309", "RHSA-2018:2328", "RHSA-2018:2363", "RHSA-2018:2364", "RHSA-2018:2387", "RHSA-2018:2394", "RHSA-2018:2396", "RHSA-2018:2948", "RHSA-2018:3396", "RHSA-2018:3397", "RHSA-2018:3398", "RHSA-2018:3399", "RHSA-2018:3400", "RHSA-2018:3401", "RHSA-2018:3402", "RHSA-2018:3407", "RHSA-2018:3423", "RHSA-2018:3424", "RHSA-2018:3425", "RHSA-2019:0818", "RHSA-2019:0833", "RHSA-2019:1046", "RHSA-2019:2029", "RHSA-2019:2043", "RHSA-2019:2809", "RHSA-2019:3309", "RHSA-2019:3517", "RHSA-2019:3967", "RHSA-2019:4058", "RHSA-2020:0036", "RHSA-2020:0103", "RHSA-2020:0179", "RHSA-2022:1975", "RHSA-2022:1988"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-3713", "RH:CVE-2017-1000252", "RH:CVE-2017-17741", "RH:CVE-2017-2583", "RH:CVE-2017-2584", "RH:CVE-2017-5715", "RH:CVE-2017-7518", "RH:CVE-2018-10853", "RH:CVE-2018-3620", "RH:CVE-2018-3639", "RH:CVE-2019-6974", "RH:CVE-2019-7221", "RH:CVE-2019-7222", "RH:CVE-2020-24511", "RH:CVE-2021-26401"]}, {"type": "securelist", "idList": ["SECURELIST:7CF4DDEB1B5407DAA24EC25BAA7A9654", "SECURELIST:FC1216FC2096CBEE31E247C19D68BEC5"]}, {"type": "seebug", "idList": ["SSV:97059"]}, {"type": "slackware", "idList": ["SSA-2018-016-01", "SSA-2018-037-01", "SSA-2018-208-01", "SSA-2019-169-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2016:3058-1", "OPENSUSE-SU-2017:0456-1", "OPENSUSE-SU-2017:0906-1", "OPENSUSE-SU-2017:1825-1", "OPENSUSE-SU-2017:2739-1", "OPENSUSE-SU-2017:2741-1", "OPENSUSE-SU-2018:0013-1", "OPENSUSE-SU-2018:0022-1", "OPENSUSE-SU-2018:0023-1", "OPENSUSE-SU-2018:0026-1", "OPENSUSE-SU-2018:0030-1", "OPENSUSE-SU-2018:0059-1", "OPENSUSE-SU-2018:0066-1", "OPENSUSE-SU-2018:0187-1", "OPENSUSE-SU-2018:0326-1", "OPENSUSE-SU-2018:0408-1", "OPENSUSE-SU-2018:0459-1", "OPENSUSE-SU-2018:0710-1", "OPENSUSE-SU-2018:0745-1", "OPENSUSE-SU-2018:0780-1", "OPENSUSE-SU-2018:0939-1", "OPENSUSE-SU-2018:1380-1", "OPENSUSE-SU-2018:1418-1", "OPENSUSE-SU-2018:1420-1", "OPENSUSE-SU-2018:1487-1", "OPENSUSE-SU-2018:1502-1", "OPENSUSE-SU-2018:1621-1", "OPENSUSE-SU-2018:1623-1", "OPENSUSE-SU-2018:1628-1", "OPENSUSE-SU-2018:1631-1", "OPENSUSE-SU-2018:1773-1", "OPENSUSE-SU-2018:1904-1", "OPENSUSE-SU-2018:2119-1", "OPENSUSE-SU-2018:2237-1", "OPENSUSE-SU-2018:2306-1", "OPENSUSE-SU-2018:2399-1", "OPENSUSE-SU-2018:2402-1", "OPENSUSE-SU-2018:2407-1", "OPENSUSE-SU-2018:2524-1", "OPENSUSE-SU-2018:3103-1", "OPENSUSE-SU-2018:3709-1", "OPENSUSE-SU-2019:0042-1", "OPENSUSE-SU-2019:0203-1", "OPENSUSE-SU-2019:0274-1", "OPENSUSE-SU-2019:1407-1", "OPENSUSE-SU-2019:1438-1", "OPENSUSE-SU-2019:1439-1", "OPENSUSE-SU-2020:1325-1", "SUSE-SU-2017:0407-1", "SUSE-SU-2017:0464-1", "SUSE-SU-2017:0471-1", "SUSE-SU-2017:0575-1", "SUSE-SU-2017:1990-1", "SUSE-SU-2017:2847-1", "SUSE-SU-2017:2869-1", "SUSE-SU-2017:2908-1", "SUSE-SU-2017:2920-1", "SUSE-SU-2017:2956-1", "SUSE-SU-2018:0006-1", "SUSE-SU-2018:0007-1", "SUSE-SU-2018:0008-1", "SUSE-SU-2018:0009-1", "SUSE-SU-2018:0010-1", "SUSE-SU-2018:0011-1", "SUSE-SU-2018:0012-1", "SUSE-SU-2018:0019-1", "SUSE-SU-2018:0020-1", "SUSE-SU-2018:0031-1", "SUSE-SU-2018:0036-1", "SUSE-SU-2018:0039-1", "SUSE-SU-2018:0040-1", "SUSE-SU-2018:0041-1", "SUSE-SU-2018:0051-1", "SUSE-SU-2018:0056-1", "SUSE-SU-2018:0067-1", "SUSE-SU-2018:0068-1", "SUSE-SU-2018:0069-1", "SUSE-SU-2018:0113-1", "SUSE-SU-2018:0114-1", "SUSE-SU-2018:0115-1", "SUSE-SU-2018:0131-1", "SUSE-SU-2018:0171-1", "SUSE-SU-2018:0180-1", "SUSE-SU-2018:0213-1", "SUSE-SU-2018:0219-1", "SUSE-SU-2018:0383-1", "SUSE-SU-2018:0416-1", "SUSE-SU-2018:0437-1", "SUSE-SU-2018:0438-1", "SUSE-SU-2018:0472-1", "SUSE-SU-2018:0482-1", "SUSE-SU-2018:0525-1", "SUSE-SU-2018:0555-1", "SUSE-SU-2018:0601-1", "SUSE-SU-2018:0609-1", "SUSE-SU-2018:0638-1", "SUSE-SU-2018:0660-1", "SUSE-SU-2018:0678-1", "SUSE-SU-2018:0705-1", "SUSE-SU-2018:0708-1", "SUSE-SU-2018:0762-1", "SUSE-SU-2018:0831-1", "SUSE-SU-2018:0838-1", "SUSE-SU-2018:0841-1", "SUSE-SU-2018:0861-1", "SUSE-SU-2018:0909-1", "SUSE-SU-2018:0920-1", "SUSE-SU-2018:0986-1", "SUSE-SU-2018:1077-1", "SUSE-SU-2018:1080-1"]}, {"type": "symantec", "idList": ["SMNTC-102371", "SMNTC-102378", "SMNTC-104232", "SMNTC-1426"]}, {"type": "talosblog", "idList": ["TALOSBLOG:6AF8BBB020A686E442B50095CA9B7A36"]}, {"type": "thn", "idList": ["THN:2B2B2CD54A42E2C054F98F11FD06C341", "THN:58CFE19533148E77597FE0AC59963145", "THN:718A9E01EB9A2B76DC08D8973AACAF7E", "THN:71C19B8F2C6EDB0AFDA5AA0280A20C00", "THN:788E9312DDA39D9A09855DF379A0FD4D", "THN:83DDF7EA5627F196DA7F3A5DB2F32A06", "THN:BA94EB21B28842327D78D9B107AC9960", "THN:C4C9BC61AD42FB9F46B30ECA56F71393"]}, {"type": "threatpost", "idList": ["THREATPOST:0F9EDE9A622A021B9B79C50214D7E8AD", "THREATPOST:31234A4925170238A90EE40343968C48", "THREATPOST:4F13E380B1984CDEA728722B169027FB", "THREATPOST:5AEBAF88C55924F6A472867BE083F0B0", "THREATPOST:66600F3B128B00AC1B1B38670F93DE04", "THREATPOST:7458AE86ECA810D873D5D35916A93D9F", "THREATPOST:8F3BA63C697CD0B0AD4CDF30B9CF0987", "THREATPOST:CE89F855271AB3AE3CE8B5B0C141CDC2", "THREATPOST:DB0542CFA474B0D9C91032709EDE296D", "THREATPOST:E454192F36C2E44BAE14AB9B62BE28DB", "THREATPOST:F646E92307240E4B7D00CC0FC73BCE0D"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:6A0454A8A4891A1004496709868EC034"]}, {"type": "ubuntu", "idList": ["USN-2978-1", "USN-2978-2", "USN-2979-1", "USN-2979-2", "USN-3161-1", "USN-3161-2", "USN-3161-3", "USN-3161-4", "USN-3162-1", "USN-3162-2", "USN-3208-1", "USN-3208-2", "USN-3361-1", "USN-3468-1", "USN-3468-2", "USN-3468-3", "USN-3516-1", "USN-3530-1", "USN-3531-1", "USN-3531-2", "USN-3531-3", "USN-3540-1", "USN-3540-2", "USN-3541-1", "USN-3541-2", "USN-3542-1", "USN-3542-2", "USN-3549-1", "USN-3560-1", "USN-3561-1", "USN-3580-1", "USN-3581-1", "USN-3581-2", "USN-3582-1", "USN-3582-2", "USN-3594-1", "USN-3597-1", "USN-3597-2", "USN-3617-1", "USN-3617-2", "USN-3617-3", "USN-3619-1", "USN-3619-2", "USN-3620-1", "USN-3620-2", "USN-3632-1", "USN-3651-1", "USN-3652-1", "USN-3653-1", "USN-3653-2", "USN-3654-1", "USN-3654-2", "USN-3655-1", "USN-3655-2", "USN-3679-1", "USN-3680-1", "USN-3690-1", "USN-3690-2", "USN-3754-1", "USN-3756-1", "USN-3777-1", "USN-3777-2", "USN-3777-3", "USN-3930-1", "USN-3930-2", "USN-3931-1", "USN-3931-2", "USN-3932-1", "USN-3932-2", "USN-3933-1", "USN-3933-2", "USN-4985-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2016-3713", "UB:CVE-2016-8630", "UB:CVE-2017-1000252", "UB:CVE-2017-17741", "UB:CVE-2017-2583", "UB:CVE-2017-2584", "UB:CVE-2017-5715", "UB:CVE-2017-7518", "UB:CVE-2018-10853", "UB:CVE-2018-3639", "UB:CVE-2019-6974", "UB:CVE-2019-7221", "UB:CVE-2019-7222", "UB:CVE-2021-26401"]}, {"type": "veracode", "idList": ["VERACODE:21035", "VERACODE:21074"]}, {"type": "virtuozzo", "idList": ["VZA-2017-004", "VZA-2018-001", "VZA-2018-002", "VZA-2018-003", "VZA-2018-006", "VZA-2018-016", "VZA-2018-017", "VZA-2018-023", "VZA-2018-032", "VZA-2018-033", "VZA-2018-034", "VZA-2018-037", "VZA-2018-047", "VZA-2018-048", "VZA-2019-042", "VZA-2019-045", "VZA-2019-046"]}, {"type": "vmware", "idList": ["VMSA-2018-0002", "VMSA-2018-0002.3", "VMSA-2018-0004", "VMSA-2018-0004.3", "VMSA-2018-0007", "VMSA-2018-0007.6", "VMSA-2018-0012", "VMSA-2018-0012.1"]}, {"type": "xen", "idList": ["XSA-254", "XSA-263"]}, {"type": "zdt", "idList": ["1337DAY-ID-29366", "1337DAY-ID-30428", "1337DAY-ID-32199"]}]}, "score": {"value": 0.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "aix", "idList": ["SPECTRE_MELTDOWN_ADVISORY.ASC"]}, {"type": "almalinux", "idList": ["ALBA-2021:0206"]}, {"type": "amazon", "idList": ["ALAS-2018-1034", "ALAS-2018-1037", "ALAS-2018-1038", "ALAS-2018-1039", "ALAS-2018-939", "ALAS-2018-942", "ALAS-2018-944", "ALAS2-2018-939"]}, {"type": "androidsecurity", "idList": ["ANDROID:2018-05-01", "ANDROID:2019-09-01"]}, {"type": "apple", "idList": ["APPLE:395E729CF93F555C415D358DB1C43E9A", "APPLE:4F36084A54A87DEB1241F91D2A3B37FF", "APPLE:554AF3533422B9797D4FBD02BF3EC816", "APPLE:HT208397", "APPLE:HT208401", "APPLE:HT208403", "APPLE:HT209193"]}, {"type": "archlinux", "idList": ["ASA-201701-32", "ASA-201701-35", "ASA-201801-10", "ASA-201801-4"]}, {"type": "attackerkb", "idList": ["AKB:A377493B-6A40-4BB0-BF25-4E62943A3C0C"]}, {"type": "centos", "idList": ["CESA-2017:1615", "CESA-2018:0007", "CESA-2018:0008", "CESA-2018:0012", "CESA-2018:0013", "CESA-2018:0014", "CESA-2018:0023", "CESA-2018:0029", "CESA-2018:0030", "CESA-2018:0395", "CESA-2018:1319", "CESA-2018:1965", "CESA-2018:1997", "CESA-2018:2001"]}, {"type": "cert", "idList": ["VU:584653"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2018-0011"]}, {"type": "cisco", "idList": ["CISCO-SA-20180104-CPUSIDECHANNEL"]}, {"type": "citrix", "idList": ["CTX231390", "CTX235225"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:2AA1F360A02E665F9D2B19AB7EF0CAA9", "CFOUNDRY:4DDEEFC6D5CE0AA12B5BF627FFC8D2F4", "CFOUNDRY:59BA3F002F833C86F9D716E2A3575DCB", "CFOUNDRY:E36E8558D6E84664F9D34B4A9E5179AC"]}, {"type": "cve", "idList": ["CVE-2016-3713", "CVE-2017-5715"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1232-1:15F37", "DEBIAN:DLA-1349-1:65BA2", "DEBIAN:DLA-1362-1:86139", "DEBIAN:DLA-1369-1:33F82", "DEBIAN:DLA-1422-1:EBC6F", "DEBIAN:DLA-1422-2:DC70E", "DEBIAN:DLA-1423-1:B239D", "DEBIAN:DLA-1446-1:83DE2", "DEBIAN:DLA-1506-1:B3A8C", "DEBIAN:DLA-2743-2:EB0B3", "DEBIAN:DSA-3791-1:AE0FD", "DEBIAN:DSA-3981-1:0F636", "DEBIAN:DSA-4073-1:79398", "DEBIAN:DSA-4082-1:57979", "DEBIAN:DSA-4120-1:7BEB7", "DEBIAN:DSA-4179-1:CBB23", "DEBIAN:DSA-4187-1:481CA", "DEBIAN:DSA-4188-1:E4177", "DEBIAN:DSA-4210-1:DBC01", "DEBIAN:DSA-4213-1:698A4", "DEBIAN:DSA-4273-1:BEC28", "DEBIAN:DSA-4273-2:DE475"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-5715"]}, {"type": "f5", "idList": ["F5:K29146534", "F5:K81172534", "F5:K91229003"]}, {"type": "fedora", "idList": ["FEDORA:017D56156B44", "FEDORA:089B7605072B", "FEDORA:08D3760E6566", "FEDORA:10F7D6255145", "FEDORA:122AE604D3F9", "FEDORA:125F360603E5", "FEDORA:1C6F16348980", "FEDORA:1CA16613DD7E", "FEDORA:1EFAB60ACFB0", "FEDORA:20DCB60779B2", "FEDORA:2281662F1093", "FEDORA:22CA86022BDC", "FEDORA:22D77604972B", "FEDORA:23E0D6075B51", "FEDORA:250CB6087A80", "FEDORA:25BDD6190ECF", "FEDORA:29049600CFF3", "FEDORA:296826040AED", "FEDORA:29FCE65ECD33", "FEDORA:2C5386075B25", "FEDORA:2C89F6167407", "FEDORA:3266960F0E44", "FEDORA:37B8362B00D0", "FEDORA:41B546014626", "FEDORA:42DA3601FD86", "FEDORA:434906215647", "FEDORA:44065605602A", "FEDORA:4832F6079717", "FEDORA:4CF35608BFEA", "FEDORA:4D5AD601FDAC", "FEDORA:50E6E6087656", "FEDORA:5267F604C2BD", "FEDORA:5591D601DA24", "FEDORA:5AA3D60505E7", "FEDORA:5B68260A5858", "FEDORA:5D742610B071", "FEDORA:5E6FC604AF75", "FEDORA:621A2609A69C", "FEDORA:648496077DD1", "FEDORA:660AA642E1AC", "FEDORA:69EFB60B9EEF", "FEDORA:6A9A16095B29", "FEDORA:6B39A60C690C", "FEDORA:6B66A6047312", "FEDORA:6B6B360567FC", "FEDORA:6CE076015F62", "FEDORA:6E66862A5C82", "FEDORA:6EA206291A90", "FEDORA:6EC6360BEA04", "FEDORA:6F1BC604D0C1", "FEDORA:728DA604CD72", "FEDORA:731106077DEB", "FEDORA:73C3960CDDB3", "FEDORA:73C6F628E99A", "FEDORA:74245604D4DA", "FEDORA:7640C641CB61", "FEDORA:87BD56087904", "FEDORA:8BE0F60BB4E1", "FEDORA:8F974604E846", "FEDORA:909D360491BF", "FEDORA:9145860769FE", "FEDORA:958BD626BB06", "FEDORA:95A686085F81", "FEDORA:9B9346230079", "FEDORA:9E3D9606D195", "FEDORA:9FDCF62874A1", "FEDORA:A02E3603EB55", "FEDORA:AB52460321C9", "FEDORA:AC7FC600CFCA", "FEDORA:B395E6087A9D", "FEDORA:B54D264CBCAC", "FEDORA:B7EFE60A96DB", "FEDORA:BBFE360460D0", "FEDORA:BD35260BC96F", "FEDORA:C49D061F375F", "FEDORA:C64AE6007F37", "FEDORA:C65F560874BD", "FEDORA:C8DAB604A066", "FEDORA:D5F726042B1F", "FEDORA:D6CAE607A456", "FEDORA:D6F86601E6D9", "FEDORA:DF5176048167", "FEDORA:E5291607602A", "FEDORA:E6F08605DCE7", "FEDORA:E6FC960603E5", "FEDORA:E736B60877BC", "FEDORA:E93AE6077DCD", "FEDORA:EAC7F6435E1F", "FEDORA:EBB026048D2E"]}, {"type": "fortinet", "idList": ["FG-IR-18-002"]}, {"type": "freebsd", "idList": ["1CE95BC7-3278-11E8-B527-00012E582166", "74DAA370-2797-11E8-95EC-A4BADB2F4699"]}, {"type": "gentoo", "idList": ["GLSA-201804-08"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:42FBA08807698DC5CD34486014AC8332"]}, {"type": "hp", "idList": ["HP:C05869091", "HP:C06001626"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20180106-01-CPU"]}, {"type": "ibm", "idList": ["87923FDFB72096B1C8DCCF43F6A41A614DD87803DEBC33434D17685EC97C13D6", "A594E3179D9A187B5EAE777411B4109CB85600F1AEC96905951B67E4F825EC64", "BA3D871218C7EC154D3DA60B65F47B45FC02B640ABAA3BFF2DBE9F1ADAE1DADF"]}, {"type": "kaspersky", "idList": ["KLA11173"]}, {"type": "kitploit", "idList": ["KITPLOIT:8752367943592764867", "KITPLOIT:8917740741292426205"]}, {"type": "lenovo", "idList": ["LENOVO:PS500151-NOSID"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:3DDE32E41BE8356C194673EE3ED7FDBE", "MALWAREBYTES:C47D8F4321BF60FB315B6C46B47DF46F"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/AMAZON_LINUX-CVE-2017-5715/", "MSF:ILITIES/APPLE-OSX-MACOSHIGHSIERRA10132SUPPLEMENTALUPDATE-CVE-2017-5715/", "MSF:ILITIES/CENTOS_LINUX-CVE-2017-5715/", "MSF:ILITIES/GENTOO-LINUX-CVE-2017-5715/", "MSF:ILITIES/GENTOO-LINUX-CVE-2017-5754/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP1-CVE-2017-5715/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP2-CVE-2017-5715/", "MSF:ILITIES/IBM-AIX-CVE-2017-5715/", "MSF:ILITIES/ORACLE-SOLARIS-CVE-2017-5715/", "MSF:ILITIES/ORACLE_LINUX-CVE-2017-5715/", "MSF:ILITIES/UBUNTU-CVE-2017-5715/", "MSF:ILITIES/UBUNTU-USN-3531-2/", "MSF:ILITIES/VMSA-2018-0002-CVE-2017-5715/"]}, {"type": "mscve", "idList": ["MS:ADV190013"]}, {"type": "mskb", "idList": ["KB4343897", "KB4467708", "KB4493448"]}, {"type": "msrc", "idList": ["MSRC:3EC2FAA8CFB89D38DF89D5273501E00C"]}, {"type": "myhack58", "idList": ["MYHACK58:62201787550"]}, {"type": "nessus", "idList": ["AIX_IJ03029.NASL", "AIX_IJ03030.NASL", "AIX_IJ03032.NASL", "AIX_IJ03033.NASL", "AIX_IJ03034.NASL", "AIX_IJ03035.NASL", "AIX_IJ03036.NASL", "AL2_ALAS-2018-939.NASL", "AL2_ALAS-2018-942.NASL", "AL2_ALAS-2018-952.NASL", "AL2_ALAS-2018-953.NASL", "AL2_ALAS-2018-956.NASL", "AL2_ALAS-2018-962.NASL", "ALA_ALAS-2018-939.NASL", "ALA_ALAS-2018-956.NASL", "CENTOS_RHSA-2017-1615.NASL", "CENTOS_RHSA-2018-0007.NASL", "CENTOS_RHSA-2018-0008.NASL", "CENTOS_RHSA-2018-0012.NASL", "CENTOS_RHSA-2018-0013.NASL", "CENTOS_RHSA-2018-0014.NASL", "CENTOS_RHSA-2018-0023.NASL", "CENTOS_RHSA-2018-0029.NASL", "CENTOS_RHSA-2018-0030.NASL", "CENTOS_RHSA-2018-1965.NASL", "CENTOS_RHSA-2018-1997.NASL", "CENTOS_RHSA-2018-2001.NASL", "CITRIX_XENSERVER_CTX231390.NASL", "DEBIAN_DLA-1232.NASL", "DEBIAN_DLA-1369.NASL", "DEBIAN_DLA-2743.NASL", "DEBIAN_DSA-4082.NASL", "DEBIAN_DSA-4120.NASL", "DEBIAN_DSA-4187.NASL", "DEBIAN_DSA-4188.NASL", "EULEROS_SA-2018-1001.NASL", "EULEROS_SA-2018-1002.NASL", "EULEROS_SA-2018-1192.NASL", "EULEROS_SA-2018-1193.NASL", "EULEROS_SA-2018-1194.NASL", "EULEROS_SA-2018-1195.NASL", "EULEROS_SA-2018-1196.NASL", "EULEROS_SA-2018-1197.NASL", "EULEROS_SA-2018-1200.NASL", "EULEROS_SA-2018-1201.NASL", "FEDORA_2016-06F1572324.NASL", "FEDORA_2016-2363B37A98.NASL", "FEDORA_2016-F8739A80B0.NASL", "FEDORA_2018-9F02E5ED7B.NASL", "GENTOO_GLSA-201804-08.NASL", "GOOGLE_CHROME_64_0_3282_119.NASL", "MACOSX_SAFARI11_0_2_PATCH_2018_01_08.NASL", "MOZILLA_FIREFOX_57_0_4.NASL", "NEWSTART_CGSL_NS-SA-2019-0132_LIBVIRT.NASL", "NEWSTART_CGSL_NS-SA-2019-0137_JAVA-1.8.0-OPENJDK.NASL", "NEWSTART_CGSL_NS-SA-2019-0143_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0180_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0183_KERNEL-RT.NASL", "NVIDIA_UNIX_CVE_2017_5753.NASL", "NVIDIA_WIN_CVE_2017_5753.NASL", "OPENSUSE-2018-1.NASL", "OPENSUSE-2018-1143.NASL", "OPENSUSE-2018-118.NASL", "OPENSUSE-2018-169.NASL", "OPENSUSE-2018-2.NASL", "OPENSUSE-2018-20.NASL", "OPENSUSE-2018-24.NASL", "OPENSUSE-2018-3.NASL", "OPENSUSE-2018-358.NASL", "OPENSUSE-2018-4.NASL", "OPENSUSE-2018-700.NASL", "OPENSUSE-2018-75.NASL", "OPENSUSE-2018-8.NASL", "OPENSUSE-2018-9.NASL", "OPENSUSE-2019-1407.NASL", "OPENSUSE-2019-1438.NASL", "OPENSUSE-2019-1439.NASL", "OPENSUSE-2019-274.NASL", "OPENSUSE-2019-398.NASL", "OPENSUSE-2019-418.NASL", "OPENSUSE-2019-424.NASL", "OPENSUSE-2019-426.NASL", "OPENSUSE-2019-510.NASL", "OPENSUSE-2019-536.NASL", "OPENSUSE-2019-587.NASL", "OPENSUSE-2019-618.NASL", "OPENSUSE-2019-620.NASL", "OPENSUSE-2019-622.NASL", "ORACLELINUX_ELSA-2017-1615-1.NASL", "ORACLELINUX_ELSA-2017-1615.NASL", "ORACLELINUX_ELSA-2018-0007.NASL", "ORACLELINUX_ELSA-2018-0008.NASL", "ORACLELINUX_ELSA-2018-0012.NASL", "ORACLELINUX_ELSA-2018-0013.NASL", "ORACLELINUX_ELSA-2018-0023.NASL", "ORACLELINUX_ELSA-2018-0024.NASL", "ORACLELINUX_ELSA-2018-0029.NASL", "ORACLELINUX_ELSA-2018-0030.NASL", "ORACLELINUX_ELSA-2018-0395.NASL", "ORACLELINUX_ELSA-2018-4004.NASL", "ORACLELINUX_ELSA-2018-4006.NASL", "ORACLELINUX_ELSA-2018-4062.NASL", "ORACLELINUX_ELSA-2018-4071.NASL", "ORACLELINUX_ELSA-2018-4088.NASL", "ORACLELINUX_ELSA-2018-4089.NASL", "ORACLELINUX_ELSA-2018-4108.NASL", "ORACLELINUX_ELSA-2019-0818.NASL", "ORACLELINUX_ELSA-2019-4612.NASL", "ORACLELINUX_ELSA-2019-4710.NASL", "ORACLEVM_OVMSA-2018-0004.NASL", "ORACLEVM_OVMSA-2018-0005.NASL", "ORACLEVM_OVMSA-2018-0006.NASL", "ORACLEVM_OVMSA-2018-0007.NASL", "ORACLEVM_OVMSA-2018-0008.NASL", "ORACLEVM_OVMSA-2018-0015.NASL", "ORACLEVM_OVMSA-2018-0020.NASL", "ORACLEVM_OVMSA-2018-0021.NASL", "ORACLEVM_OVMSA-2018-0029.NASL", "ORACLEVM_OVMSA-2018-0033.NASL", "ORACLEVM_OVMSA-2018-0035.NASL", "ORACLEVM_OVMSA-2018-0041.NASL", "ORACLEVM_OVMSA-2019-0035.NASL", "PFSENSE_SA-18_03.NASL", "REDHAT-RHSA-2017-1615.NASL", "REDHAT-RHSA-2017-1616.NASL", "REDHAT-RHSA-2018-0007.NASL", "REDHAT-RHSA-2018-0008.NASL", "REDHAT-RHSA-2018-0009.NASL", "REDHAT-RHSA-2018-0010.NASL", "REDHAT-RHSA-2018-0011.NASL", "REDHAT-RHSA-2018-0012.NASL", "REDHAT-RHSA-2018-0013.NASL", "REDHAT-RHSA-2018-0014.NASL", "REDHAT-RHSA-2018-0015.NASL", "REDHAT-RHSA-2018-0016.NASL", "REDHAT-RHSA-2018-0017.NASL", "REDHAT-RHSA-2018-0018.NASL", "REDHAT-RHSA-2018-0020.NASL", "REDHAT-RHSA-2018-0021.NASL", "REDHAT-RHSA-2018-0022.NASL", "REDHAT-RHSA-2018-0023.NASL", "REDHAT-RHSA-2018-0024.NASL", "REDHAT-RHSA-2018-0025.NASL", "REDHAT-RHSA-2018-0026.NASL", "REDHAT-RHSA-2018-0027.NASL", "REDHAT-RHSA-2018-0028.NASL", "REDHAT-RHSA-2018-0029.NASL", "REDHAT-RHSA-2018-0030.NASL", "REDHAT-RHSA-2018-0031.NASL", "REDHAT-RHSA-2018-0032.NASL", "REDHAT-RHSA-2018-0034.NASL", "REDHAT-RHSA-2018-0035.NASL", "REDHAT-RHSA-2018-0036.NASL", "REDHAT-RHSA-2018-0037.NASL", "REDHAT-RHSA-2018-0038.NASL", "REDHAT-RHSA-2018-0039.NASL", "REDHAT-RHSA-2018-0040.NASL", "REDHAT-RHSA-2018-0044.NASL", "REDHAT-RHSA-2018-0045.NASL", "REDHAT-RHSA-2018-0046.NASL", "REDHAT-RHSA-2018-0047.NASL", "REDHAT-RHSA-2018-0048.NASL", "REDHAT-RHSA-2018-0050.NASL", "REDHAT-RHSA-2018-0051.NASL", "REDHAT-RHSA-2018-0052.NASL", "REDHAT-RHSA-2018-0053.NASL", "REDHAT-RHSA-2018-0182.NASL", "REDHAT-RHSA-2018-0292.NASL", "REDHAT-RHSA-2018-0395.NASL", "REDHAT-RHSA-2018-0412.NASL", "REDHAT-RHSA-2018-1129.NASL", "REDHAT-RHSA-2018-1130.NASL", "REDHAT-RHSA-2019-0818.NASL", "REDHAT-RHSA-2019-0833.NASL", "REDHAT-RHSA-2019-1046.NASL", "REDHAT-RHSA-2019-2029.NASL", "REDHAT-RHSA-2019-2043.NASL", "REDHAT-RHSA-2019-2809.NASL", "SLACKWARE_SSA_2018-037-01.NASL", "SL_20170628_KERNEL_ON_SL7_X.NASL", "SL_20180103_KERNEL_ON_SL6_X.NASL", "SL_20180103_KERNEL_ON_SL7_X.NASL", "SL_20180103_MICROCODE_CTL_ON_SL6_X.NASL", "SL_20180103_MICROCODE_CTL_ON_SL7_X.NASL", "SL_20180104_LIBVIRT_ON_SL6_X.NASL", "SL_20180104_LIBVIRT_ON_SL7_X.NASL", "SL_20180104_LINUX_FIRMWARE_ON_SL7_X.NASL", "SL_20180104_QEMU_KVM_ON_SL6_X.NASL", "SL_20180104_QEMU_KVM_ON_SL7_X.NASL", "SL_20180306_KERNEL_ON_SL7_X.NASL", "SL_20190423_KERNEL_ON_SL7_X.NASL", "SL_20190806_KERNEL_ON_SL7_X.NASL", "SUSE_SU-2018-0006-1.NASL", "SUSE_SU-2018-0007-1.NASL", "SUSE_SU-2018-0009-1.NASL", "SUSE_SU-2018-0010-1.NASL", "SUSE_SU-2018-0011-1.NASL", "SUSE_SU-2018-0012-1.NASL", "SUSE_SU-2018-0019-1.NASL", "SUSE_SU-2018-0020-1.NASL", "SUSE_SU-2018-0031-1.NASL", "SUSE_SU-2018-0036-1.NASL", "SUSE_SU-2018-0039-1.NASL", "SUSE_SU-2018-0040-1.NASL", "SUSE_SU-2018-0056-1.NASL", "SUSE_SU-2018-0067-1.NASL", "SUSE_SU-2018-0068-1.NASL", "SUSE_SU-2018-0069-1.NASL", "SUSE_SU-2018-0219-1.NASL", "SUSE_SU-2018-0383-1.NASL", "SUSE_SU-2018-0416-1.NASL", "SUSE_SU-2018-0437-1.NASL", "SUSE_SU-2018-0438-1.NASL", "SUSE_SU-2018-0472-1.NASL", "SUSE_SU-2018-0525-1.NASL", "SUSE_SU-2018-0555-1.NASL", "SUSE_SU-2018-0601-1.NASL", "SUSE_SU-2018-0609-1.NASL", "SUSE_SU-2018-0638-1.NASL", "SUSE_SU-2018-0909-1.NASL", "SUSE_SU-2018-0920-1.NASL", "SUSE_SU-2018-1077-1.NASL", "SUSE_SU-2018-1295-1.NASL", "SUSE_SU-2018-2556-1.NASL", "SUSE_SU-2018-2565-1.NASL", "SUSE_SU-2018-2908-1.NASL", "SUSE_SU-2018-2973-1.NASL", "SUSE_SU-2018-3064-1.NASL", "SUSE_SU-2018-3083-1.NASL", "SUSE_SU-2018-3084-1.NASL", "SUSE_SU-2019-0541-1.NASL", "SUSE_SU-2019-0645-1.NASL", "SUSE_SU-2019-0672-1.NASL", "SUSE_SU-2019-0683-1.NASL", "SUSE_SU-2019-0709-1.NASL", "SUSE_SU-2019-0722-1.NASL", "SUSE_SU-2019-0765-1.NASL", "SUSE_SU-2019-0767-1.NASL", "SUSE_SU-2019-0784-1.NASL", "SUSE_SU-2019-0828-1.NASL", "SUSE_SU-2019-0901-1.NASL", "SUSE_SU-2019-1211-1.NASL", "SUSE_SU-2019-1211-2.NASL", "SUSE_SU-2019-1219-1.NASL", "SUSE_SU-2019-1287-1.NASL", "SUSE_SU-2019-1289-1.NASL", "SUSE_SU-2019-13979-1.NASL", "SUSE_SU-2019-13999-1.NASL", "SUSE_SU-2019-2028-1.NASL", "UBUNTU_USN-2978-1.NASL", "UBUNTU_USN-2978-2.NASL", "UBUNTU_USN-2979-1.NASL", "UBUNTU_USN-2979-2.NASL", "UBUNTU_USN-3516-1.NASL", "UBUNTU_USN-3530-1.NASL", "UBUNTU_USN-3531-1.NASL", "UBUNTU_USN-3549-1.NASL", "UBUNTU_USN-3560-1.NASL", "UBUNTU_USN-3561-1.NASL", "UBUNTU_USN-3581-1.NASL", "UBUNTU_USN-3581-2.NASL", "UBUNTU_USN-3582-1.NASL", "UBUNTU_USN-3582-2.NASL", "UBUNTU_USN-3619-2.NASL", "UBUNTU_USN-3632-1.NASL", "UBUNTU_USN-3690-2.NASL", "UBUNTU_USN-3777-1.NASL", "UBUNTU_USN-3777-2.NASL", "UBUNTU_USN-3930-1.NASL", "UBUNTU_USN-3930-2.NASL", "UBUNTU_USN-3931-1.NASL", "UBUNTU_USN-3931-2.NASL", "UBUNTU_USN-3932-1.NASL", "UBUNTU_USN-3932-2.NASL", "UBUNTU_USN-3933-1.NASL", "VIRTUOZZO_VZA-2018-002.NASL", "VIRTUOZZO_VZA-2018-003.NASL", "VIRTUOZZO_VZA-2018-006.NASL", "VMWARE_ESXI_VMSA-2018-0004.NASL", "VMWARE_VCENTER_VMSA-2018-0004.NASL", "VMWARE_VMSA-2018-0002.NASL", "VMWARE_VMSA-2018-0004.NASL", "VMWARE_VMSA-2018-0012.NASL", "XEN_SERVER_XSA-254.NASL"]}, {"type": "nvidia", "idList": ["NVIDIA:4610", "NVIDIA:4611", "NVIDIA:4613", "NVIDIA:4614", "NVIDIA:4616", "NVIDIA:4617"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704073", "OPENVAS:1361412562310704120", "OPENVAS:1361412562310704179", "OPENVAS:1361412562310704187", "OPENVAS:1361412562310704188", "OPENVAS:1361412562310812284", "OPENVAS:1361412562310812289", "OPENVAS:1361412562310812290", "OPENVAS:1361412562310812291", "OPENVAS:1361412562310812292", "OPENVAS:1361412562310812293", "OPENVAS:1361412562310812294", "OPENVAS:1361412562310812295", "OPENVAS:1361412562310812296", "OPENVAS:1361412562310812384", "OPENVAS:1361412562310812386", "OPENVAS:1361412562310812397", "OPENVAS:1361412562310812398", "OPENVAS:1361412562310812399", "OPENVAS:1361412562310812600", "OPENVAS:1361412562310812601", "OPENVAS:1361412562310812602", "OPENVAS:1361412562310812603", "OPENVAS:1361412562310812604", "OPENVAS:1361412562310812605", "OPENVAS:1361412562310812678", "OPENVAS:1361412562310843061", "OPENVAS:1361412562310843062", "OPENVAS:1361412562310843405", "OPENVAS:1361412562310843423", "OPENVAS:1361412562310843424", "OPENVAS:1361412562310843426", "OPENVAS:1361412562310843427", "OPENVAS:1361412562310843428", "OPENVAS:1361412562310843429", "OPENVAS:1361412562310843436", "OPENVAS:1361412562310843442", "OPENVAS:1361412562310843443", "OPENVAS:1361412562310843455", "OPENVAS:1361412562310843457", "OPENVAS:1361412562310843458", "OPENVAS:1361412562310843459", "OPENVAS:1361412562310843492", "OPENVAS:1361412562310843493", "OPENVAS:1361412562310843496", "OPENVAS:1361412562310843497", "OPENVAS:1361412562310843498", "OPENVAS:1361412562310843500", "OPENVAS:1361412562310843509", "OPENVAS:1361412562310843644", "OPENVAS:1361412562310843647", "OPENVAS:1361412562310851578", "OPENVAS:1361412562310851673", "OPENVAS:1361412562310851674", "OPENVAS:1361412562310851676", "OPENVAS:1361412562310851677", "OPENVAS:1361412562310851678", "OPENVAS:1361412562310851686", "OPENVAS:1361412562310851693", "OPENVAS:1361412562310851698", "OPENVAS:1361412562310851704", "OPENVAS:1361412562310851724", "OPENVAS:1361412562310851730", "OPENVAS:1361412562310871838", "OPENVAS:1361412562310872292", "OPENVAS:1361412562310872293", "OPENVAS:1361412562310873947", "OPENVAS:1361412562310873948", "OPENVAS:1361412562310874365", "OPENVAS:1361412562310874366", "OPENVAS:1361412562310874400", "OPENVAS:1361412562310874427", "OPENVAS:1361412562310874755", "OPENVAS:1361412562310874757", "OPENVAS:1361412562310874761", "OPENVAS:1361412562310874763", "OPENVAS:1361412562310875099", "OPENVAS:1361412562310876621", "OPENVAS:1361412562310876661", "OPENVAS:1361412562310876666", "OPENVAS:1361412562310876750", "OPENVAS:1361412562310876935", "OPENVAS:1361412562310876943", "OPENVAS:1361412562310882747", "OPENVAS:1361412562310882820", "OPENVAS:1361412562310882821", "OPENVAS:1361412562310882822", "OPENVAS:1361412562310882823", "OPENVAS:1361412562310882824", "OPENVAS:1361412562310882914", "OPENVAS:1361412562310882915", "OPENVAS:1361412562310882917", "OPENVAS:1361412562310891232", "OPENVAS:1361412562310891349", "OPENVAS:1361412562310891369", "OPENVAS:703791"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2018-3678067"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-1615", "ELSA-2017-1615-1", "ELSA-2018-0007", "ELSA-2018-0008", "ELSA-2018-0012", "ELSA-2018-0013", "ELSA-2018-0023", "ELSA-2018-0024", "ELSA-2018-0029", "ELSA-2018-0030", "ELSA-2018-0169", "ELSA-2018-0395", "ELSA-2018-0816", "ELSA-2018-2162", "ELSA-2018-2164", "ELSA-2018-4004", "ELSA-2018-4006", "ELSA-2018-4011", "ELSA-2018-4021", "ELSA-2018-4062", "ELSA-2018-4071", "ELSA-2018-4088", "ELSA-2018-4089", "ELSA-2018-4108", "ELSA-2019-2029"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:145645"]}, {"type": "paloalto", "idList": ["PAN-SA-2018-0001", "PAN-SA-2018-0002"]}, {"type": "photon", "idList": ["PHSA-2017-0026", "PHSA-2018-0011", "PHSA-2018-1.0-0098", "PHSA-2018-1.0-0102", "PHSA-2018-1.0-0151", "PHSA-2018-2.0-0015", "PHSA-2018-2.0-0049", "PHSA-2018-2.0-0101", "PHSA-2019-1.0-0221", "PHSA-2019-1.0-0224", "PHSA-2019-2.0-0142"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:02EAB5AF6104A4960F7E3B105CD50FA1", "QUALYSBLOG:3ACE52E54FF5FE3EF1B0FC328181FA66", "QUALYSBLOG:832B33D45F45271E91CA6542BC9CFD59", "QUALYSBLOG:BD020D07BF02B0790C62701D997BFD4D", "QUALYSBLOG:C9F2432F760D960CF69CDC55D87263A8", "QUALYSBLOG:D893D4DFB7141FDAD0BE869440074392", "QUALYSBLOG:E761CF659F35F9F5C29FB50D76B98C3E", "QUALYSBLOG:F8AA5B21D90BCDD30391A24D6FD47892"]}, {"type": "redhat", "idList": ["RHSA-2017:1615", "RHSA-2017:1616", "RHSA-2018:0395", "RHSA-2018:0412"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-3639", "RH:CVE-2020-24511"]}, {"type": "securelist", "idList": ["SECURELIST:7CF4DDEB1B5407DAA24EC25BAA7A9654"]}, {"type": "seebug", "idList": ["SSV:97059"]}, {"type": "slackware", "idList": ["SSA-2018-016-01", "SSA-2018-037-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2017:2739-1", "OPENSUSE-SU-2017:2741-1", "OPENSUSE-SU-2018:0013-1", "OPENSUSE-SU-2018:0022-1", "OPENSUSE-SU-2018:0023-1", "OPENSUSE-SU-2018:0026-1", "OPENSUSE-SU-2018:0030-1", "OPENSUSE-SU-2018:0059-1", "OPENSUSE-SU-2018:0066-1", "OPENSUSE-SU-2018:0326-1", "OPENSUSE-SU-2018:0459-1", "OPENSUSE-SU-2018:0939-1", "OPENSUSE-SU-2018:1904-1", "OPENSUSE-SU-2018:3103-1", "SUSE-SU-2018:0006-1", "SUSE-SU-2018:0007-1", "SUSE-SU-2018:0008-1", "SUSE-SU-2018:0009-1", "SUSE-SU-2018:0010-1", "SUSE-SU-2018:0011-1", "SUSE-SU-2018:0012-1", "SUSE-SU-2018:0019-1", "SUSE-SU-2018:0020-1", "SUSE-SU-2018:0031-1", "SUSE-SU-2018:0036-1", "SUSE-SU-2018:0039-1", "SUSE-SU-2018:0040-1", "SUSE-SU-2018:0041-1", "SUSE-SU-2018:0051-1", "SUSE-SU-2018:0056-1", "SUSE-SU-2018:0067-1", "SUSE-SU-2018:0068-1", "SUSE-SU-2018:0069-1", "SUSE-SU-2018:0213-1", "SUSE-SU-2018:0219-1", "SUSE-SU-2018:0437-1", "SUSE-SU-2018:0438-1", "SUSE-SU-2018:0472-1", "SUSE-SU-2018:0525-1", "SUSE-SU-2018:0555-1", "SUSE-SU-2018:0601-1", "SUSE-SU-2018:0609-1", "SUSE-SU-2018:0638-1", "SUSE-SU-2018:0660-1", "SUSE-SU-2018:0678-1", "SUSE-SU-2018:0831-1", "SUSE-SU-2018:0838-1", "SUSE-SU-2018:0841-1", "SUSE-SU-2018:0909-1", "SUSE-SU-2018:0920-1", "SUSE-SU-2018:1077-1"]}, {"type": "symantec", "idList": ["SMNTC-1426"]}, {"type": "talosblog", "idList": ["TALOSBLOG:6AF8BBB020A686E442B50095CA9B7A36"]}, {"type": "thn", "idList": ["THN:58CFE19533148E77597FE0AC59963145", "THN:788E9312DDA39D9A09855DF379A0FD4D"]}, {"type": "threatpost", "idList": ["THREATPOST:0F9EDE9A622A021B9B79C50214D7E8AD", "THREATPOST:31234A4925170238A90EE40343968C48", "THREATPOST:4F13E380B1984CDEA728722B169027FB", "THREATPOST:5AEBAF88C55924F6A472867BE083F0B0", "THREATPOST:66600F3B128B00AC1B1B38670F93DE04", "THREATPOST:7458AE86ECA810D873D5D35916A93D9F", "THREATPOST:8F3BA63C697CD0B0AD4CDF30B9CF0987", "THREATPOST:DB0542CFA474B0D9C91032709EDE296D", "THREATPOST:E454192F36C2E44BAE14AB9B62BE28DB", "THREATPOST:F646E92307240E4B7D00CC0FC73BCE0D"]}, {"type": "trendmicroblog", "idList": ["TRENDMICROBLOG:6A0454A8A4891A1004496709868EC034"]}, {"type": "ubuntu", "idList": ["USN-3208-2", "USN-3468-1", "USN-3516-1", "USN-3531-2", "USN-3541-2", "USN-3542-1", "USN-3549-1", "USN-3581-1", "USN-3581-2", "USN-3594-1", "USN-3597-1", "USN-3617-1", "USN-3617-2", "USN-3617-3", "USN-3619-1", "USN-3619-2", "USN-3620-1", "USN-3620-2", "USN-3632-1", "USN-3777-1", "USN-3777-2", "USN-4985-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-10853", "UB:CVE-2018-3639", "UB:CVE-2019-6974", "UB:CVE-2019-7221", "UB:CVE-2019-7222"]}, {"type": "virtuozzo", "idList": ["VZA-2017-004", "VZA-2018-001", "VZA-2018-002", "VZA-2018-003", "VZA-2018-006", "VZA-2018-016", "VZA-2018-017", "VZA-2018-023", "VZA-2018-032", "VZA-2018-033", "VZA-2018-034", "VZA-2018-037", "VZA-2018-047", "VZA-2018-048", "VZA-2019-042", "VZA-2019-045", "VZA-2019-046"]}, {"type": "vmware", "idList": ["VMSA-2018-0007.6"]}, {"type": "xen", "idList": ["XSA-254"]}, {"type": "zdt", "idList": ["1337DAY-ID-29366"]}]}, "exploitation": null, "vulnersScore": 0.3}, "pluginID": "124953", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124953);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2016-3713\",\n \"CVE-2016-8630\",\n \"CVE-2017-1000252\",\n \"CVE-2017-17741\",\n \"CVE-2017-2583\",\n \"CVE-2017-2584\",\n \"CVE-2017-5715\",\n \"CVE-2017-7518\",\n \"CVE-2018-10853\",\n \"CVE-2018-3639\",\n \"CVE-2019-6974\",\n \"CVE-2019-7221\",\n \"CVE-2019-7222\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.1.0 : kvm (EulerOS-SA-2019-1450)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kvm package installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in\n the Linux kernel before 4.6.1 supports MSR 0x2f8, which\n allows guest OS users to read or write to the\n kvm_arch_vcpu data structure, and consequently obtain\n sensitive information or cause a denial of service\n (system crash), via a crafted ioctl\n call.(CVE-2016-3713)\n\n - Linux kernel built with the Kernel-based Virtual\n Machine (CONFIG_KVM) support is vulnerable to a null\n pointer dereference flaw. It could occur on x86\n platform, when emulating an undefined instruction. An\n attacker could use this flaw to crash the host kernel\n resulting in DoS.(CVE-2016-8630)\n\n - Linux kernel built with the Kernel-based Virtual\n Machine (CONFIG_KVM) support was vulnerable to an\n incorrect segment selector(SS) value error. The error\n could occur while loading values into the SS register\n in long mode. A user or process inside a guest could\n use this flaw to crash the guest, resulting in DoS or\n potentially escalate their privileges inside the\n guest.(CVE-2017-2583)\n\n - arch/x86/kvm/emulate.c in the Linux kernel through\n 4.9.3 allows local users to obtain sensitive\n information from kernel memory or cause a denial of\n service (use-after-free) via a crafted application that\n leverages instruction emulation for fxrstor, fxsave,\n sgdt, and sidt.(CVE-2017-2584)\n\n - A reachable assertion failure flaw was found in the\n Linux kernel built with KVM virtualisation(CONFIG_KVM)\n support with Virtual Function I/O feature (CONFIG_VFIO)\n enabled. This failure could occur if a malicious guest\n device sent a virtual interrupt (guest IRQ) with a\n larger (i1/4z1024) index value.(CVE-2017-1000252)\n\n - An industry-wide issue was found in the way many modern\n microprocessor designs have implemented speculative\n execution of instructions (a commonly used performance\n optimization). There are three primary variants of the\n issue which differ in the way the speculative execution\n can be exploited. Variant CVE-2017-5715 triggers the\n speculative execution by utilizing branch target\n injection. It relies on the presence of a\n precisely-defined instruction sequence in the\n privileged code as well as the fact that memory\n accesses may cause allocation into the microprocessor's\n data cache even for speculatively executed instructions\n that never actually commit (retire). As a result, an\n unprivileged attacker could use this flaw to cross the\n syscall and guest/host boundaries and read privileged\n memory by conducting targeted cache side-channel\n attacks.(CVE-2017-5715)\n\n - A flaw was found in the way the Linux KVM module\n processed the trap flag(TF) bit in EFLAGS during\n emulation of the syscall instruction, which leads to a\n debug exception(#DB) being raised in the guest stack. A\n user/process inside a guest could use this flaw to\n potentially escalate their privileges inside the guest.\n Linux guests are not affected by this.(CVE-2017-7518)\n\n - Linux kernel compiled with the KVM virtualization\n (CONFIG_KVM) support is vulnerable to an out-of-bounds\n read access issue. It could occur when emulating vmcall\n instructions invoked by a guest. A guest user/process\n could use this flaw to disclose kernel memory\n bytes.(CVE-2017-17741)\n\n - Systems with microprocessors utilizing speculative\n execution and speculative execution of memory reads\n before the addresses of all prior memory writes are\n known may allow unauthorized disclosure of information\n to an attacker with local user access via a\n side-channel analysis, aka Speculative Store Bypass\n (SSB), Variant 4.(CVE-2018-3639)\n\n - kernel: kvm: guest userspace to guest kernel\n write(CVE-2018-10853)\n\n - In the Linux kernel before 4.20.8,\n kvm_ioctl_create_device in virt/kvm/kvm_main.c\n mishandles reference counting because of a race\n condition, leading to a use-after-free.(CVE-2019-6974)\n\n - The KVM implementation in the Linux kernel through\n 4.20.5 has an Information Leak.(CVE-2019-7222)\n\n - The KVM implementation in the Linux kernel through\n 4.20.5 has a Use-after-Free.(CVE-2019-7221)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1450\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3d6cefe5\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kvm packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"kvm-4.4.11-30.011\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kvm\");\n}\n", "naslFamily": "Huawei Local Security Checks", "cpe": ["p-cpe:/a:huawei:euleros:kvm", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "solution": "Update the affected kvm packages.", "nessusSeverity": "Medium", "cvssScoreSource": "", "vpr": {"risk factor": "High", "score": "7.7"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2019-05-08T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": [], "_state": {"dependencies": 1660032824, "score": 1660033902}, "_internal": {"score_hash": "845da1e7b0e0a4b4ff4454907ebca21e"}}
{"openvas": [{"lastseen": "2020-01-27T18:37:34", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2019-1450)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2017-2584", "CVE-2017-17741", "CVE-2017-7518", "CVE-2018-10853", "CVE-2017-1000252", "CVE-2016-8630", "CVE-2017-2583", "CVE-2017-5715", "CVE-2019-7221", "CVE-2019-6974", "CVE-2018-3639", "CVE-2016-3713"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191450", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191450", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1450\");\n script_version(\"2020-01-23T11:47:36+0000\");\n script_cve_id(\"CVE-2016-3713\", \"CVE-2016-8630\", \"CVE-2017-1000252\", \"CVE-2017-17741\", \"CVE-2017-2583\", \"CVE-2017-2584\", \"CVE-2017-5715\", \"CVE-2017-7518\", \"CVE-2018-10853\", \"CVE-2018-3639\", \"CVE-2019-6974\", \"CVE-2019-7221\", \"CVE-2019-7222\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:47:36 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:47:36 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2019-1450)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1450\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1450\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kvm' package(s) announced via the EulerOS-SA-2019-1450 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The msr_mtrr_valid function in arch/x86/kvm/mtrr.c in the Linux kernel before 4.6.1 supports MSR 0x2f8, which allows guest OS users to read or write to the kvm_arch_vcpu data structure, and consequently obtain sensitive information or cause a denial of service (system crash), via a crafted ioctl call.(CVE-2016-3713)\n\nLinux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support is vulnerable to a null pointer dereference flaw. It could occur on x86 platform, when emulating an undefined instruction. An attacker could use this flaw to crash the host kernel resulting in DoS.(CVE-2016-8630)\n\nLinux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector(SS) value error. The error could occur while loading values into the SS register in long mode. A user or process inside a guest could use this flaw to crash the guest, resulting in DoS or potentially escalate their privileges inside the guest.(CVE-2017-2583)\n\narch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.(CVE-2017-2584)\n\nA reachable assertion failure flaw was found in the Linux kernel built with KVM virtualisation(CONFIG_KVM) support with Virtual Function I/O feature (CONFIG_VFIO) enabled. This failure could occur if a malicious guest device sent a virtual interrupt (guest IRQ) with a larger (1024) index value.(CVE-2017-1000252)\n\nAn industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks.(CVE-2017-5715)\n\nA flaw was found in the way the Linux KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug excep ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kvm' package(s) on Huawei EulerOS Virtualization 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kvm\", rpm:\"kvm~4.4.11~30.011\", rls:\"EULEROSVIRT-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-headers FEDORA-2019-164946aa7f", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2019-7221", "CVE-2019-6974"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310876300", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876300", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876300\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-7222\", \"CVE-2019-6974\", \"CVE-2019-7221\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:43:19 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel-headers FEDORA-2019-164946aa7f\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-164946aa7f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BFPBVTFKHIC7CCIVD6NKPWXRZNOCG74\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-headers'\n package(s) announced via the FEDORA-2019-164946aa7f advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Kernel-headers includes the C header files that specify the interface\nbetween the Linux kernel and userspace libraries and programs. The\nheader files define structures and constants that are needed for\nbuilding most standard programs and are also needed for rebuilding the\nglibc package.\");\n\n script_tag(name:\"affected\", value:\"'kernel-headers' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.20.8~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-tools FEDORA-2019-164946aa7f", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2019-7221", "CVE-2019-6974"], "modified": "2019-05-14T00:00:00", "id": "OPENVAS:1361412562310875952", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875952", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875952\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2019-7222\", \"CVE-2019-6974\", \"CVE-2019-7221\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:29:30 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for kernel-tools FEDORA-2019-164946aa7f\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-164946aa7f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46R6LVGCMPBTPT2FCJQDSB5X27JMQKOF\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-tools'\n package(s) announced via the FEDORA-2019-164946aa7f advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the tools/ directory from the kernel source\nand the supporting documentation.\");\n\n script_tag(name:\"affected\", value:\"'kernel-tools' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.20.8~200.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:12", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-tools FEDORA-2019-3da64f3e61", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2019-7221", "CVE-2019-6974"], "modified": "2019-03-29T00:00:00", "id": "OPENVAS:1361412562310875458", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875458", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875458\");\n script_version(\"2019-03-29T08:13:51+0000\");\n script_cve_id(\"CVE-2019-7222\", \"CVE-2019-6974\", \"CVE-2019-7221\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-03-29 08:13:51 +0000 (Fri, 29 Mar 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-16 04:07:14 +0100 (Sat, 16 Feb 2019)\");\n script_name(\"Fedora Update for kernel-tools FEDORA-2019-3da64f3e61\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3da64f3e61\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3X72TKZZ4IT3MTC2NWQCO53ZCJ2FKSZC\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'kernel-tools' package(s) announced via the FEDORA-2019-3da64f3e61 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel-tools on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.20.8~100.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:17", "description": "The remote host is missing an update for the\n ", "cvss3": {}, "published": "2019-02-16T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-headers FEDORA-2019-3da64f3e61", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2019-7221", "CVE-2019-6974"], "modified": "2019-03-29T00:00:00", "id": "OPENVAS:1361412562310875460", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875460", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875460\");\n script_version(\"2019-03-29T08:13:51+0000\");\n script_cve_id(\"CVE-2019-7222\", \"CVE-2019-6974\", \"CVE-2019-7221\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-03-29 08:13:51 +0000 (Fri, 29 Mar 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-02-16 04:09:07 +0100 (Sat, 16 Feb 2019)\");\n script_name(\"Fedora Update for kernel-headers FEDORA-2019-3da64f3e61\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-3da64f3e61\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INV5MYGVXPJHLJQOEB4SEQTRKP3LBKGG\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the\n 'kernel-headers' package(s) announced via the FEDORA-2019-3da64f3e61 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is\n present on the target host.\");\n\n script_tag(name:\"affected\", value:\"kernel-headers on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.20.8~100.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-09-05T14:51:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-01T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2019:0818 centos7 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7221", "CVE-2019-6974"], "modified": "2019-09-05T00:00:00", "id": "OPENVAS:1361412562310883045", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310883045", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.883045\");\n script_version(\"2019-09-05T05:22:48+0000\");\n script_cve_id(\"CVE-2019-6974\", \"CVE-2019-7221\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-09-05 05:22:48 +0000 (Thu, 05 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-01 02:00:59 +0000 (Wed, 01 May 2019)\");\n script_name(\"CentOS Update for kernel CESA-2019:0818 centos7 \");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n\n script_xref(name:\"CESA\", value:\"2019:0818\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2019-April/023278.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the CESA-2019:0818 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es):\n\n * Kernel: KVM: potential use-after-free via kvm_ioctl_create_device()\n(CVE-2019-6974)\n\n * Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the\npreemption timer (CVE-2019-7221)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nBug Fix(es):\n\n * rbd: avoid corruption on partially completed bios [rhel-7.6.z]\n(BZ#1672514)\n\n * xfs_vm_writepages deadly embrace between kworker and user task.\n[rhel-7.6.z] (BZ#1673281)\n\n * Offload Connections always get vlan priority 0 [rhel-7.6.z] (BZ#1673821)\n\n * [NOKIA] RHEL sends flood of Neighbour Solicitations under specific\nconditions [rhel-7.6.z] (BZ#1677179)\n\n * RHEL 7.6 - Host crash occurred on NVMe/IB system while running controller\nreset [rhel-7.6.z] (BZ#1678214)\n\n * [rhel7] raid0 md workqueue deadlock with stacked md devices [rhel-7.6.z]\n(BZ#1678215)\n\n * [PureStorage7.6]nvme disconnect following an unsuccessful Admin queue\ncreation causes kernel panic [rhel-7.6.z] (BZ#1678216)\n\n * RFC: Regression with -fstack-check in 'backport upstream large stack\nguard patch to RHEL6' patch [rhel-7.6.z] (BZ#1678221)\n\n * [Hyper-V] [RHEL 7.6]hv_netvsc: Fix a network regression after ifdown/ifup\n[rhel-7.6.z] (BZ#1679997)\n\n * rtc_cmos: probe of 00:01 failed with error -16 [rhel-7.6.z] (BZ#1683078)\n\n * ACPI WDAT watchdog update [rhel-7.6.z] (BZ#1683079)\n\n * high ovs-vswitchd CPU usage when VRRP over VXLAN tunnel causing qrouter\nfail-over [rhel-7.6.z] (BZ#1683093)\n\n * Openshift node drops outgoing POD traffic due to NAT hashtable race in\n__ip_conntrack_confirm() [rhel-7.6.z] (BZ#1686766)\n\n * [Backport] [v3, 2/2] net: igmp: Allow user-space configuration of igmp\nunsolicited report interval [rhel-7.6.z] (BZ#1686771)\n\n * [RHEL7.6]: Intermittently seen FIFO parity error on T6225-SO adapter\n[rhel-7.6.z] (BZ#1687487)\n\n * The number of unsolict report about IGMP is incorrect [rhel-7.6.z]\n(BZ#1688225)\n\n * RDT driver causing failure to boot on AMD Rome system with more than 255\nCPUs [rhel-7.6.z] (BZ#1689120)\n\n * mpt3sas_cm0: fault_state(0x2100)! [rhel-7.6.z] (BZ#1689379)\n\n * rwsem in inconsistent state leading system to hung [rhel-7.6.z]\n(BZ#1690323)\n\nUsers of kernel are advised to upgrade to these updated packages, which fix\nthese bugs.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on CentOS 7.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"CentOS7\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"bpftool\", rpm:\"bpftool~3.10.0~957.12.1.el7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~957.12.1.el7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~957.12.1.el7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~957.12.1.el7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~957.12.1.el7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~957.12.1.el7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~957.12.1.el7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~957.12.1.el7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~957.12.1.el7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~957.12.1.el7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~957.12.1.el7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~957.12.1.el7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~957.12.1.el7\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:50:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-02-19T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for kernel (openSUSE-SU-2019:0203-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2019-3460", "CVE-2018-20669", "CVE-2019-7221", "CVE-2019-6974", "CVE-2019-3459"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852305", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852305", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852305\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-20669\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-6974\", \"CVE-2019-7221\", \"CVE-2019-7222\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-02-19 04:07:48 +0100 (Tue, 19 Feb 2019)\");\n script_name(\"openSUSE: Security Advisory for kernel (openSUSE-SU-2019:0203-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0203-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the openSUSE-SU-2019:0203-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 15.0 kernel was updated to\n receive various security and bugfixes.\n\n\n The following security bugs were fixed:\n\n - CVE-2019-3459, CVE-2019-3460: Two information leaks in the bluetooth\n stack were fixed. (bnc#1120758).\n\n - CVE-2019-7221: A use-after-free in the KVM nVMX hrtimer was fixed.\n (bnc#1124732).\n\n - CVE-2019-7222: A information leak in exception handling in KVM could be\n used to expose host memory to guests. (bnc#1124735).\n\n - CVE-2019-6974: A use-after-free in the KVM device control API was\n fixed. (bnc#1124728).\n\n - CVE-2018-20669: Missing access control checks in ioctl of gpu/drm/i915\n driver were fixed which might have lead to information leaks.\n (bnc#1122971).\n\n The following non-security bugs were fixed:\n\n - 6lowpan: iphc: reset mac_header after decompress to fix panic\n (bsc#1051510).\n\n - 9p: clear dangling pointers in p9stat_free (bsc#1051510).\n\n - 9p locks: fix glock.client_id leak in do_lock (bsc#1051510).\n\n - 9p/net: put a lower bound on msize (bsc#1051510).\n\n - acpi/nfit: Block function zero DSMs (bsc#1051510).\n\n - acpi, nfit: Fix Address Range Scrub completion tracking (bsc#1124969).\n\n - acpi/nfit: Fix command-supported detection (bsc#1051510).\n\n - acpi/nfit: Fix race accessing memdev in nfit_get_smbios_id()\n (bsc#1122662).\n\n - acpi/nfit: Fix user-initiated ARS to be 'ARS-long' rather than\n 'ARS-short' (bsc#1124969).\n\n - ACPI: power: Skip duplicate power resource references in _PRx\n (bsc#1051510).\n\n - Add delay-init quirk for Corsair K70 RGB keyboards (bsc#1087092).\n\n - af_iucv: Move sockaddr length checks to before accessing sa_family in\n bind and connect handlers (bsc#1051510).\n\n - alsa: bebob: fix model-id of unit for Apogee Ensemble (bsc#1051510).\n\n - alsa: compress: Fix stop handling on compressed capture streams\n (bsc#1051510).\n\n - alsa: hda - Add mute LED support for HP ProBook 470 G5 (bsc#1051510).\n\n - alsa: hda/ca0132 - Fix build error without CONFIG_PCI (bsc#1051510).\n\n - alsa: hda/realtek - Fixed hp_pin no value (bsc#1051510).\n\n - alsa: hda/realtek - Fix lose hp_pins for disable auto mute (bsc#1051510).\n\n - alsa: hda/realtek - Use a common helper for hp pin reference\n (bsc#1051510).\n\n - alsa: hda - Serialize codec registrations (bsc#1122944).\n\n - alsa: hda - Use standard device registration for beep (bsc#1122944).\n\n - alsa: oxfw: add support for APOGEE duet FireWire (bsc#1051510).\n\n - alsa: usb-audio: Add Opus #3 to quirks for native DSD support\n (bsc#1051510).\n\n - alsa: usb-audio: Add support for new T+A USB DAC (bsc#1051510).\n\n - amd-xgbe: Fix mdio access for non-zero ports and clause 45 PHYs\n (bsc#1122927).\n\n - arm: ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"the on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel-debuginfo\", rpm:\"kernel-default-devel-debuginfo~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall\", rpm:\"kernel-kvmsmall~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base\", rpm:\"kernel-kvmsmall-base~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-base-debuginfo\", rpm:\"kernel-kvmsmall-base-debuginfo~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debuginfo\", rpm:\"kernel-kvmsmall-debuginfo~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-debugsource\", rpm:\"kernel-kvmsmall-debugsource~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel\", rpm:\"kernel-kvmsmall-devel~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-kvmsmall-devel-debuginfo\", rpm:\"kernel-kvmsmall-devel-debuginfo~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel-debuginfo\", rpm:\"kernel-vanilla-devel-debuginfo~4.12.14~lp150.12.48.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2016-876deae183", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8630"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310871927", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871927", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2016-876deae183\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871927\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:20:29 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-8630\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2016-876deae183\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-876deae183\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PK5IJ4CPHNMANKL4YU4JWFENHMEBSJF5\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.8.7~300.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-02T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2016-14c4187e3a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8630"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310810127", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810127", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2016-14c4187e3a\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810127\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-02 14:04:28 +0100 (Fri, 02 Dec 2016)\");\n script_cve_id(\"CVE-2016-8630\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2016-14c4187e3a\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-14c4187e3a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A3WA5MYDRY3QJVY6IVR26CQWNLKQRBYB\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.8.7~200.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:32:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-07-07T00:00:00", "type": "openvas", "title": "Fedora Update for qemu FEDORA-2018-9f02e5ed7b", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-15268", "CVE-2017-15038", "CVE-2017-5715", "CVE-2018-3639"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874779", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874779", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_9f02e5ed7b_qemu_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for qemu FEDORA-2018-9f02e5ed7b\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874779\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-07-07 06:06:30 +0200 (Sat, 07 Jul 2018)\");\n script_cve_id(\"CVE-2017-5715\", \"CVE-2018-3639\", \"CVE-2017-15038\", \"CVE-2017-15268\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for qemu FEDORA-2018-9f02e5ed7b\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'qemu'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"qemu on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-9f02e5ed7b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/373L2XWLDD2AOQXC5BD5TXK2LZ7VJK2V\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"qemu\", rpm:\"qemu~2.10.1~4.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T17:34:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-10-26T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for xen (openSUSE-SU-2018:1623-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5753", "CVE-2017-5754", "CVE-2017-5715", "CVE-2018-3639"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851978", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851978", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851978\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2017-5715\", \"CVE-2017-5753\", \"CVE-2017-5754\", \"CVE-2018-3639\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:26:08 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"openSUSE: Security Advisory for xen (openSUSE-SU-2018:1623-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:1623-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-06/msg00014.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the openSUSE-SU-2018:1623-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for xen to version 4.10.1 fixes several issues (bsc#1027519).\n\n These security issues were fixed:\n\n - CVE-2018-3639: Prevent attackers with local user access from extracting\n information via a side-channel analysis, aka Speculative Store Bypass\n (SSB), Variant 4 (bsc#1092631).\n\n - CVE-2017-5753, CVE-2017-5715, CVE-2017-5754: Improved Spectre v2\n mitigations (bsc#1074562).\n\n This non-security issue was fixed:\n\n - Always call qemus xen-save-devices-state in suspend/resume to fix\n migration with qcow2 images (bsc#1079730)\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-599=1\");\n\n script_tag(name:\"affected\", value:\"xen on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"xen-debugsource\", rpm:\"xen-debugsource~4.10.1_04~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-devel\", rpm:\"xen-devel~4.10.1_04~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~4.10.1_04~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs-debuginfo\", rpm:\"xen-libs-debuginfo~4.10.1_04~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-domU\", rpm:\"xen-tools-domU~4.10.1_04~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-domU-debuginfo\", rpm:\"xen-tools-domU-debuginfo~4.10.1_04~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.10.1_04~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-doc-html\", rpm:\"xen-doc-html~4.10.1_04~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs-32bit\", rpm:\"xen-libs-32bit~4.10.1_04~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs-32bit-debuginfo\", rpm:\"xen-libs-32bit-debuginfo~4.10.1_04~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools\", rpm:\"xen-tools~4.10.1_04~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-debuginfo\", rpm:\"xen-tools-debuginfo~4.10.1_04~lp150.2.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2020-01-31T16:47:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-03-02T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for the (openSUSE-SU-2019:0274-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222", "CVE-2019-3460", "CVE-2018-5391", "CVE-2019-7221", "CVE-2019-3459"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852327", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852327", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852327\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-5391\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-7221\", \"CVE-2019-7222\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-03-02 04:07:53 +0100 (Sat, 02 Mar 2019)\");\n script_name(\"openSUSE: Security Advisory for the (openSUSE-SU-2019:0274-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0274-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-03/msg00000.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'the'\n package(s) announced via the openSUSE-SU-2019:0274-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 42.3 kernel was updated to 4.4.175 to receive various\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2018-5391: Fixed a vulnerability, which allowed an attacker to cause\n a denial of service attack with low rates of packets targeting IP\n fragment re-assembly. (bsc#1103097)\n\n - CVE-2019-7221: Fixed a user-after-free vulnerability in the KVM\n hypervisor related to the emulation of a preemption timer, allowing an\n guest user/process to crash the host kernel. (bsc#1124732).\n\n - CVE-2019-7222: Fixed an information leakage in the KVM hypervisor\n related to handling page fault exceptions, which allowed a guest\n user/process to use this flaw to leak the host's stack memory contents\n to a guest (bsc#1124735).\n\n The following non-security bugs were fixed:\n\n - ASoC: Intel: mrfld: fix uninitialized variable access (bnc#1012382).\n\n - ASoC: atom: fix a missing check of snd_pcm_lib_malloc_pages\n (bnc#1012382).\n\n - ASoC: fsl: Fix SND_SOC_EUKREA_TLV320 build error on i.MX8M (bnc#1012382).\n\n - Documentation/network: reword kernel version reference (bnc#1012382).\n\n - IB/core: type promotion bug in rdma_rw_init_one_mr() ().\n\n - IB/rxe: Fix incorrect cache cleanup in error flow ().\n\n - IB/rxe: replace kvfree with vfree ().\n\n - NFC: nxp-nci: Include unaligned.h instead of access_ok.h (bnc#1012382).\n\n - RDMA/bnxt_re: Fix a couple off by one bugs (bsc#1020413, ).\n\n - RDMA/bnxt_re: Synchronize destroy_qp with poll_cq (bsc#1125446).\n\n - Revert 'Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire\n F5-573G' (bnc#1012382).\n\n - Revert 'cifs: In Kconfig CONFIG_CIFS_POSIX needs depends on legacy\n (insecure cifs)' (bnc#1012382).\n\n - Revert 'exec: load_script: do not blindly truncate shebang string'\n (bnc#1012382).\n\n - Revert 'loop: Fix double mutex_unlock(& loop_ctl_mutex) in\n loop_control_ioctl()' (bnc#1012382).\n\n - Revert 'loop: Fold __loop_release into loop_release' (bnc#1012382).\n\n - Revert 'loop: Get rid of loop_index_mutex' (bnc#1012382).\n\n - Revert 'mmc: bcm2835: Fix DMA channel leak on probe error (bsc#1120902).'\n\n - Revert most of 4.4.174 (kabi).\n\n - acpi, nfit: Fix ARS overflow continuation (bsc#1125000).\n\n - acpi/nfit: fix cmd_rc for acpi_nfit_ctl to always return a value\n (bsc#1124775).\n\n - alpha: Fix Eiger NR_IRQS to 128 (bnc#1012382).\n\n - alpha: fix page fault handling for r16-r18 targets (bnc#1012382).\n\n - alsa: compress: Fix stop handling on compressed capture streams\n (bnc#1012382).\n\n - alsa: hda - Add quirk for HP EliteBook 840 G5 (bnc#1012382).\n\n - alsa: hda - Serialize codec registrations (bnc#1012382).\n\n - alsa: usb-audio: Fix implicit fb e ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"the on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-pdf\", rpm:\"kernel-docs-pdf~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.4.175~89.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:48", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-12-25T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2017-1ebb87e7c0", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17741"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310873948", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310873948", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2017_1ebb87e7c0_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2017-1ebb87e7c0\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.873948\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-12-25 08:13:58 +0100 (Mon, 25 Dec 2017)\");\n script_cve_id(\"CVE-2017-17741\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2017-1ebb87e7c0\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-1ebb87e7c0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3UJPVEDI5KDH3CYBIUPFXSWIL424I7S\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.14.8~300.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:37:33", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2019-1370)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7221"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191370", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191370", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1370\");\n script_version(\"2020-01-23T11:40:38+0000\");\n script_cve_id(\"CVE-2019-7221\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:40:38 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:40:38 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2019-1370)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1370\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1370\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kvm' package(s) announced via the EulerOS-SA-2019-1370 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested (=1) virtualization is enabled. This high resolution timer(hrtimer) runs when a L2 guest is active. After VM exit, the sync_vmcs12() timer object is stopped. The use-after-free occurs if the timer object is freed before calling sync_vmcs12() routine. A guest user/process could use this flaw to crash the host kernel resulting in a denial of service or, potentially, gain privileged access to a system.(CVE-2019-7221)\");\n\n script_tag(name:\"affected\", value:\"'kvm' package(s) on Huawei EulerOS Virtualization 2.5.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kvm\", rpm:\"kvm~4.4.11~553\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:39:47", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2018-1269)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10853"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181269", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181269", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1269\");\n script_version(\"2020-01-23T14:23:06+0000\");\n script_cve_id(\"CVE-2018-10853\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 14:23:06 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:19:37 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2018-1269)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1269\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1269\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kvm' package(s) announced via the EulerOS-SA-2018-1269 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest.(CVE-2018-10853)\");\n\n script_tag(name:\"affected\", value:\"'kvm' package(s) on Huawei EulerOS Virtualization 2.5.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kvm\", rpm:\"kvm~4.4.11~523\", rls:\"EULEROSVIRT-2.5.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:35:38", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2019-1372)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6974"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191372", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191372", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1372\");\n script_version(\"2020-01-23T11:40:41+0000\");\n script_cve_id(\"CVE-2019-6974\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:40:41 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:40:41 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2019-1372)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.4\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1372\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1372\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kvm' package(s) announced via the EulerOS-SA-2019-1372 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor implements its device control API. While creating a device via kvm_ioctl_create_device(), the device holds a reference to a VM object, later this reference is transferred to the caller's file descriptor table. If such file descriptor was to be closed, reference count to the VM object could become zero, potentially leading to a use-after-free issue. A user/process could use this flaw to crash the guest VM resulting in a denial of service issue or, potentially, gain privileged access to a system.(CVE-2019-6974)\");\n\n script_tag(name:\"affected\", value:\"'kvm' package(s) on Huawei EulerOS Virtualization 2.5.4.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.4\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kvm\", rpm:\"kvm~4.4.11~552\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:39:56", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2019-1255)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6974"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191255", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191255", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1255\");\n script_version(\"2020-01-23T11:36:36+0000\");\n script_cve_id(\"CVE-2019-6974\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:36:36 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:36:36 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2019-1255)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1255\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1255\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kvm' package(s) announced via the EulerOS-SA-2019-1255 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor implements its device control API. While creating a device via kvm_ioctl_create_device(), the device holds a reference to a VM object, later this reference is transferred to the caller's file descriptor table. If such file descriptor was to be closed, reference count to the VM object could become zero, potentially leading to a use-after-free issue. A user/process could use this flaw to crash the guest VM resulting in a denial of service issue or, potentially, gain privileged access to a system.CVE-2019-6974\");\n\n script_tag(name:\"affected\", value:\"'kvm' package(s) on Huawei EulerOS Virtualization 2.5.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kvm\", rpm:\"kvm~4.4.11~552\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:36:40", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2019-1369)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-7222"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191369", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191369", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1369\");\n script_version(\"2020-01-23T11:40:37+0000\");\n script_cve_id(\"CVE-2019-7222\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:40:37 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:40:37 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2019-1369)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1369\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1369\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kvm' package(s) announced via the EulerOS-SA-2019-1369 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object holds uninitialized stack memory contents. A guest user/process could use this flaw to leak host's stack memory contents to a guest.(CVE-2019-7222)\");\n\n script_tag(name:\"affected\", value:\"'kvm' package(s) on Huawei EulerOS Virtualization 2.5.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kvm\", rpm:\"kvm~4.4.11~554\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-08-02T00:00:00", "type": "openvas", "title": "Fedora Update for libvirt FEDORA-2018-2b053454a4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5748", "CVE-2018-6764", "CVE-2017-5715", "CVE-2017-1000256", "CVE-2018-3639"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874871", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874871", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_2b053454a4_libvirt_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for libvirt FEDORA-2018-2b053454a4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874871\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-02 06:01:22 +0200 (Thu, 02 Aug 2018)\");\n script_cve_id(\"CVE-2017-5715\", \"CVE-2018-3639\", \"CVE-2018-5748\", \"CVE-2018-6764\",\n \"CVE-2017-1000256\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libvirt FEDORA-2018-2b053454a4\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libvirt'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"libvirt on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-2b053454a4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K6UO5GVWH3VTHRNSE7JAMS6D64LCRSHH\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~3.7.0~6.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-01-24T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2017-e6012e74b6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2583"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872293", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872293", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2017-e6012e74b6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872293\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-24 10:21:37 +0100 (Tue, 24 Jan 2017)\");\n script_cve_id(\"CVE-2017-2583\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2017-e6012e74b6\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-e6012e74b6\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMA2BR5OTCZDLNZ3L57425PCTUCUHO7E\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.9.5~200.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-01-24T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2017-18ce368ba3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2583"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872292", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872292", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2017-18ce368ba3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872292\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-24 10:21:36 +0100 (Tue, 24 Jan 2017)\");\n script_cve_id(\"CVE-2017-2583\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2017-18ce368ba3\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-18ce368ba3\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUP3VSS5T3CHVQKRLRAY7DBGZG3GODOT\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.9.5~100.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2022-04-05T23:42:33", "description": "**Issue Overview:**\n\nA use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested (=1) virtualization is enabled. This high resolution timer(hrtimer) runs when a L2 guest is active. After VM exit, the sync_vmcs12() timer object is stopped. The use-after-free occurs if the timer object is freed before calling sync_vmcs12() routine. A guest user/process could use this flaw to crash the host kernel resulting in a denial of service or, potentially, gain privileged access to a system. (CVE-2019-7221)\n\nA use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor implements its device control API. While creating a device via kvm_ioctl_create_device(), the device holds a reference to a VM object, later this reference is transferred to the caller's file descriptor table. If such file descriptor was to be closed, reference count to the VM object could become zero, potentially leading to a use-after-free issue. A user/process could use this flaw to crash the guest VM resulting in a denial of service issue or, potentially, gain privileged access to a system. (CVE-2019-6974)\n\nAn information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object holds uninitialized stack memory contents. A guest user/process could use this flaw to leak host's stack memory contents to a guest. (CVE-2019-7222)\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 kernel-4.14.101-75.76.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-tools-devel-4.14.101-75.76.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-tools-debuginfo-4.14.101-75.76.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-debuginfo-4.14.101-75.76.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-headers-4.14.101-75.76.amzn1.i686 \n \u00a0\u00a0\u00a0 perf-debuginfo-4.14.101-75.76.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-tools-4.14.101-75.76.amzn1.i686 \n \u00a0\u00a0\u00a0 perf-4.14.101-75.76.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-i686-4.14.101-75.76.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-devel-4.14.101-75.76.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 kernel-4.14.101-75.76.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-x86_64-4.14.101-75.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 perf-debuginfo-4.14.101-75.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-debuginfo-4.14.101-75.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-devel-4.14.101-75.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-headers-4.14.101-75.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-4.14.101-75.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-4.14.101-75.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 perf-4.14.101-75.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-devel-4.14.101-75.76.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-4.14.101-75.76.amzn1.x86_64 \n \n \n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-26T18:55:00", "type": "amazon", "title": "Important: kernel", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222"], "modified": "2019-03-04T23:51:00", "id": "ALAS-2019-1165", "href": "https://alas.aws.amazon.com/ALAS-2019-1165.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-06T00:22:16", "description": "**Issue Overview:**\n\nA use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor implements its device control API. While creating a device via kvm_ioctl_create_device(), the device holds a reference to a VM object, later this reference is transferred to the caller's file descriptor table. If such file descriptor was to be closed, reference count to the VM object could become zero, potentially leading to a use-after-free issue. A user/process could use this flaw to crash the guest VM resulting in a denial of service issue or, potentially, gain privileged access to a system.(CVE-2019-6974)\n\nAn information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object holds uninitialized stack memory contents. A guest user/process could use this flaw to leak host's stack memory contents to a guest.(CVE-2019-7222)\n\nA use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested (=1) virtualization is enabled. This high resolution timer(hrtimer) runs when a L2 guest is active. After VM exit, the sync_vmcs12() timer object is stopped. The use-after-free occurs if the timer object is freed before calling sync_vmcs12() routine. A guest user/process could use this flaw to crash the host kernel resulting in a denial of service or, potentially, gain privileged access to a system.(CVE-2019-7221)\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 kernel-4.14.101-91.76.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-headers-4.14.101-91.76.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-aarch64-4.14.101-91.76.amzn2.aarch64 \n \u00a0\u00a0\u00a0 perf-4.14.101-91.76.amzn2.aarch64 \n \u00a0\u00a0\u00a0 perf-debuginfo-4.14.101-91.76.amzn2.aarch64 \n \u00a0\u00a0\u00a0 python-perf-4.14.101-91.76.amzn2.aarch64 \n \u00a0\u00a0\u00a0 python-perf-debuginfo-4.14.101-91.76.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-tools-4.14.101-91.76.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-tools-devel-4.14.101-91.76.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-tools-debuginfo-4.14.101-91.76.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-devel-4.14.101-91.76.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-4.14.101-91.76.amzn2.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 kernel-headers-4.14.101-91.76.amzn2.i686 \n \n src: \n \u00a0\u00a0\u00a0 kernel-4.14.101-91.76.amzn2.src \n \n x86_64: \n \u00a0\u00a0\u00a0 kernel-4.14.101-91.76.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-headers-4.14.101-91.76.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-x86_64-4.14.101-91.76.amzn2.x86_64 \n \u00a0\u00a0\u00a0 perf-4.14.101-91.76.amzn2.x86_64 \n \u00a0\u00a0\u00a0 perf-debuginfo-4.14.101-91.76.amzn2.x86_64 \n \u00a0\u00a0\u00a0 python-perf-4.14.101-91.76.amzn2.x86_64 \n \u00a0\u00a0\u00a0 python-perf-debuginfo-4.14.101-91.76.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-4.14.101-91.76.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-devel-4.14.101-91.76.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-debuginfo-4.14.101-91.76.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-devel-4.14.101-91.76.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-4.14.101-91.76.amzn2.x86_64 \n \n \n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-03-07T18:24:00", "type": "amazon", "title": "Important: kernel", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222"], "modified": "2019-03-08T00:38:00", "id": "ALAS2-2019-1165", "href": "https://alas.aws.amazon.com/AL2/ALAS-2019-1165.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2021-07-28T14:46:50", "description": "This package contains the tools/ directory from the kernel source and the supporting documentation. ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-16T01:25:12", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-tools-4.20.8-100.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222"], "modified": "2019-02-16T01:25:12", "id": "FEDORA:9B9346230079", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3X72TKZZ4IT3MTC2NWQCO53ZCJ2FKSZC/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-16T01:25:12", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: kernel-headers-4.20.8-100.fc28", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222"], "modified": "2019-02-16T01:25:12", "id": "FEDORA:434906215647", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/INV5MYGVXPJHLJQOEB4SEQTRKP3LBKGG/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-16T01:58:04", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-headers-4.20.8-200.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222"], "modified": "2019-02-16T01:58:04", "id": "FEDORA:69EFB60B9EEF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3BFPBVTFKHIC7CCIVD6NKPWXRZNOCG74/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:50", "description": "This package contains the tools/ directory from the kernel source and the supporting documentation. ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-02-16T01:58:04", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: kernel-tools-4.20.8-200.fc29", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222"], "modified": "2019-02-16T01:58:04", "id": "FEDORA:8BE0F60BB4E1", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/46R6LVGCMPBTPT2FCJQDSB5X27JMQKOF/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-11-17T02:27:30", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: kernel-4.8.7-200.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8630"], "modified": "2016-11-17T02:27:30", "id": "FEDORA:8EB6260D0217", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/A3WA5MYDRY3QJVY6IVR26CQWNLKQRBYB/", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-11-19T22:23:25", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: kernel-4.8.7-300.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8630"], "modified": "2016-11-19T22:23:25", "id": "FEDORA:E2FD36125E3E", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PK5IJ4CPHNMANKL4YU4JWFENHMEBSJF5/", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:54", "description": "QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system (for example a PC), including a processor and various peripherials. It can be used to launch different Operating Systems without rebooting the PC or to debug system code. * User mode emulation. In this mode, QEMU can launch Linux processes compi led for one CPU on another CPU. As QEMU requires no host kernel patches to run, it is safe and easy to use. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-07-06T15:45:59", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: qemu-2.10.1-4.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15038", "CVE-2017-15268", "CVE-2017-5715", "CVE-2018-3639"], "modified": "2018-07-06T15:45:59", "id": "FEDORA:958BD626BB06", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/373L2XWLDD2AOQXC5BD5TXK2LZ7VJK2V/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.0}, "published": "2017-12-24T21:18:53", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: kernel-4.14.8-300.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17741"], "modified": "2017-12-24T21:18:53", "id": "FEDORA:731106077DEB", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/V3UJPVEDI5KDH3CYBIUPFXSWIL424I7S/", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:50", "description": "Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). The main package includes the libvirtd server exporting the virtualization support. ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2018-08-01T17:55:42", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: libvirt-3.7.0-6.fc27", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000256", "CVE-2017-5715", "CVE-2018-3639", "CVE-2018-5748", "CVE-2018-6764"], "modified": "2018-08-01T17:55:42", "id": "FEDORA:660AA642E1AC", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/K6UO5GVWH3VTHRNSE7JAMS6D64LCRSHH/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.4, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-24T03:21:29", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: kernel-4.9.5-200.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2583"], "modified": "2017-01-24T03:21:29", "id": "FEDORA:5E6FC604AF75", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JMA2BR5OTCZDLNZ3L57425PCTUCUHO7E/", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "The kernel meta package ", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.4, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-24T03:49:50", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: kernel-4.9.5-100.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-2583"], "modified": "2017-01-24T03:49:50", "id": "FEDORA:E736B60877BC", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SUP3VSS5T3CHVQKRLRAY7DBGZG3GODOT/", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2022-08-10T15:45:45", "description": "A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor implements its device control API. While creating a device via kvm_ioctl_create_device(), the device holds a reference to a VM object, later this reference is transferred to the caller's file descriptor table. If such file descriptor was to be closed, reference count to the VM object could become zero, potentially leading to a use-after-free issue. A user/process could use this flaw to crash the guest VM resulting in a denial of service issue or, potentially, gain privileged access to a system.(CVE-2019-6974)\n\nAn information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object holds uninitialized stack memory contents. A guest user/process could use this flaw to leak host's stack memory contents to a guest.(CVE-2019-7222)\n\nA use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested (=1) virtualization is enabled. This high resolution timer(hrtimer) runs when a L2 guest is active. After VM exit, the sync_vmcs12() timer object is stopped. The use-after-free occurs if the timer object is freed before calling sync_vmcs12() routine. A guest user/process could use this flaw to crash the host kernel resulting in a denial of service or, potentially, gain privileged access to a system.(CVE-2019-7221)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-03-08T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALAS-2019-1165)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222"], "modified": "2019-04-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2019-1165.NASL", "href": "https://www.tenable.com/plugins/nessus/122671", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1165.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122671);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/04/02 21:54:16\");\n\n script_cve_id(\"CVE-2019-6974\", \"CVE-2019-7221\", \"CVE-2019-7222\");\n script_xref(name:\"ALAS\", value:\"2019-1165\");\n\n script_name(english:\"Amazon Linux 2 : kernel (ALAS-2019-1165)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free vulnerability was found in the way the Linux kernel's\nKVM hypervisor implements its device control API. While creating a\ndevice via kvm_ioctl_create_device(), the device holds a reference to\na VM object, later this reference is transferred to the caller's file\ndescriptor table. If such file descriptor was to be closed, reference\ncount to the VM object could become zero, potentially leading to a\nuse-after-free issue. A user/process could use this flaw to crash the\nguest VM resulting in a denial of service issue or, potentially, gain\nprivileged access to a system.(CVE-2019-6974)\n\nAn information leakage issue was found in the way Linux kernel's KVM\nhypervisor handled page fault exceptions while emulating instructions\nlike VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an\noperand. It occurs if the operand is a mmio address, as the returned\nexception object holds uninitialized stack memory contents. A guest\nuser/process could use this flaw to leak host's stack memory contents\nto a guest.(CVE-2019-7222)\n\nA use-after-free vulnerability was found in the way the Linux kernel's\nKVM hypervisor emulates a preemption timer for L2 guests when nested\n(=1) virtualization is enabled. This high resolution timer(hrtimer)\nruns when a L2 guest is active. After VM exit, the sync_vmcs12() timer\nobject is stopped. The use-after-free occurs if the timer object is\nfreed before calling sync_vmcs12() routine. A guest user/process could\nuse this flaw to crash the host kernel resulting in a denial of\nservice or, potentially, gain privileged access to a\nsystem.(CVE-2019-7221)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1165.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update kernel' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-4.14.101-91.76.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-4.14.101-91.76.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.14.101-91.76.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-devel-4.14.101-91.76.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"kernel-headers-4.14.101-91.76.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-4.14.101-91.76.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-4.14.101-91.76.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-devel-4.14.101-91.76.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"perf-4.14.101-91.76.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"perf-debuginfo-4.14.101-91.76.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"python-perf-4.14.101-91.76.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-4.14.101-91.76.amzn2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-x86_64 / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T15:43:04", "description": "The 4.20.8 stable kernel update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-02-19T00:00:00", "type": "nessus", "title": "Fedora 28 : kernel / kernel-headers / kernel-tools (2019-3da64f3e61)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222"], "modified": "2019-09-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2019-3DA64F3E61.NASL", "href": "https://www.tenable.com/plugins/nessus/122278", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-3da64f3e61.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122278);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/09/23 11:21:10\");\n\n script_cve_id(\"CVE-2019-6974\", \"CVE-2019-7221\", \"CVE-2019-7222\");\n script_xref(name:\"FEDORA\", value:\"2019-3da64f3e61\");\n\n script_name(english:\"Fedora 28 : kernel / kernel-headers / kernel-tools (2019-3da64f3e61)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.20.8 stable kernel update contains a number of important fixes\nacross the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-3da64f3e61\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-6974\", \"CVE-2019-7221\", \"CVE-2019-7222\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-3da64f3e61\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"kernel-4.20.8-100.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"kernel-headers-4.20.8-100.fc28\")) flag++;\nif (rpm_check(release:\"FC28\", reference:\"kernel-tools-4.20.8-100.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T15:43:05", "description": "The 4.20.8 stable kernel update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-02-19T00:00:00", "type": "nessus", "title": "Fedora 29 : kernel / kernel-headers / kernel-tools (2019-164946aa7f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222"], "modified": "2019-09-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-164946AA7F.NASL", "href": "https://www.tenable.com/plugins/nessus/122275", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-164946aa7f.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122275);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/09/23 11:21:09\");\n\n script_cve_id(\"CVE-2019-6974\", \"CVE-2019-7221\", \"CVE-2019-7222\");\n script_xref(name:\"FEDORA\", value:\"2019-164946aa7f\");\n\n script_name(english:\"Fedora 29 : kernel / kernel-headers / kernel-tools (2019-164946aa7f)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.20.8 stable kernel update contains a number of important fixes\nacross the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-164946aa7f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-6974\", \"CVE-2019-7221\", \"CVE-2019-7222\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-164946aa7f\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"kernel-4.20.8-200.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-headers-4.20.8-200.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-tools-4.20.8-200.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T15:46:06", "description": "A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested (=1) virtualization is enabled. This high resolution timer(hrtimer) runs when a L2 guest is active. After VM exit, the sync_vmcs12() timer object is stopped. The use-after-free occurs if the timer object is freed before calling sync_vmcs12() routine. A guest user/process could use this flaw to crash the host kernel resulting in a denial of service or, potentially, gain privileged access to a system.\n(CVE-2019-7221)\n\nA use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor implements its device control API. While creating a device via kvm_ioctl_create_device(), the device holds a reference to a VM object, later this reference is transferred to the caller's file descriptor table. If such file descriptor was to be closed, reference count to the VM object could become zero, potentially leading to a use-after-free issue. A user/process could use this flaw to crash the guest VM resulting in a denial of service issue or, potentially, gain privileged access to a system. (CVE-2019-6974)\n\nAn information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object holds uninitialized stack memory contents. A guest user/process could use this flaw to leak host's stack memory contents to a guest. (CVE-2019-7222)", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-03-05T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2019-1165)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222"], "modified": "2019-04-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1165.NASL", "href": "https://www.tenable.com/plugins/nessus/122602", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1165.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122602);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/04/02 21:54:16\");\n\n script_cve_id(\"CVE-2019-6974\", \"CVE-2019-7221\", \"CVE-2019-7222\");\n script_xref(name:\"ALAS\", value:\"2019-1165\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2019-1165)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use-after-free vulnerability was found in the way the Linux kernel's\nKVM hypervisor emulates a preemption timer for L2 guests when nested\n(=1) virtualization is enabled. This high resolution timer(hrtimer)\nruns when a L2 guest is active. After VM exit, the sync_vmcs12() timer\nobject is stopped. The use-after-free occurs if the timer object is\nfreed before calling sync_vmcs12() routine. A guest user/process could\nuse this flaw to crash the host kernel resulting in a denial of\nservice or, potentially, gain privileged access to a system.\n(CVE-2019-7221)\n\nA use-after-free vulnerability was found in the way the Linux kernel's\nKVM hypervisor implements its device control API. While creating a\ndevice via kvm_ioctl_create_device(), the device holds a reference to\na VM object, later this reference is transferred to the caller's file\ndescriptor table. If such file descriptor was to be closed, reference\ncount to the VM object could become zero, potentially leading to a\nuse-after-free issue. A user/process could use this flaw to crash the\nguest VM resulting in a denial of service issue or, potentially, gain\nprivileged access to a system. (CVE-2019-6974)\n\nAn information leakage issue was found in the way Linux kernel's KVM\nhypervisor handled page fault exceptions while emulating instructions\nlike VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an\noperand. It occurs if the operand is a mmio address, as the returned\nexception object holds uninitialized stack memory contents. A guest\nuser/process could use this flaw to leak host's stack memory contents\nto a guest. (CVE-2019-7222)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1165.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update kernel' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-4.14.101-75.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-4.14.101-75.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-4.14.101-75.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.14.101-75.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-4.14.101-75.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-4.14.101-75.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-4.14.101-75.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-debuginfo-4.14.101-75.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-devel-4.14.101-75.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-4.14.101-75.76.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-4.14.101-75.76.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-04-24T17:34:00", "description": "According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :\n\n - Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support is vulnerable to an incorrect segment selector(SS) value error. The error could occur while loading values into the SS register in long mode. A user/process inside guest could use this flaw to crash the guest resulting in DoS or potentially escalate their privileges inside guest.\n\n - arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.4, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-03-27T00:00:00", "type": "nessus", "title": "Virtuozzo 7 : readykernel-patch (VZA-2017-004)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-2583", "CVE-2017-2584"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:readykernel", "cpe:/o:virtuozzo:virtuozzo:7"], "id": "VIRTUOZZO_VZA-2017-004.NASL", "href": "https://www.tenable.com/plugins/nessus/97976", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97976);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2017-2583\",\n \"CVE-2017-2584\"\n );\n\n script_name(english:\"Virtuozzo 7 : readykernel-patch (VZA-2017-004)\");\n script_summary(english:\"Checks the readykernel output for the updated patch.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the vzkernel package and the\nreadykernel-patch installed, the Virtuozzo installation on the remote\nhost is affected by the following vulnerabilities :\n\n - Linux kernel built with the Kernel-based Virtual\n Machine (CONFIG_KVM) support is vulnerable to an\n incorrect segment selector(SS) value error. The error\n could occur while loading values into the SS register\n in long mode. A user/process inside guest could use\n this flaw to crash the guest resulting in DoS or\n potentially escalate their privileges inside guest.\n\n - arch/x86/kvm/emulate.c in the Linux kernel through\n 4.9.3 allows local users to obtain sensitive\n information from kernel memory or cause a denial of\n service (use-after-free) via a crafted application that\n leverages instruction emulation for fxrstor, fxsave,\n sgdt, and sidt.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://help.virtuozzo.com/customer/portal/articles/2734643\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-15.2-10.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?84a60371\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-18.7-10.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2dca61ae\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-20.18-10.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7af5a350\");\n script_set_attribute(attribute:\"solution\", value:\"Update the readykernel patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:readykernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\", \"Host/readykernel-info\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"readykernel.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nrk_info = get_kb_item(\"Host/readykernel-info\");\nif (empty_or_null(rk_info)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\n\nchecks = make_list2(\n make_array(\n \"kernel\",\"vzkernel-3.10.0-327.18.2.vz7.15.2\",\n \"patch\",\"readykernel-patch-15.2-10.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-327.36.1.vz7.18.7\",\n \"patch\",\"readykernel-patch-18.7-10.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-327.36.1.vz7.20.18\",\n \"patch\",\"readykernel-patch-20.18-10.0-1.vl7\"\n )\n);\nreadykernel_execute_checks(checks:checks, severity:SECURITY_WARNING, release:\"Virtuozzo-7\");\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T15:48:10", "description": "An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* Kernel: KVM: potential use-after-free via kvm_ioctl_create_device() (CVE-2019-6974)\n\n* Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer (CVE-2019-7221)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* rbd: avoid corruption on partially completed bios [rhel-7.6.z] (BZ#1672514)\n\n* xfs_vm_writepages deadly embrace between kworker and user task.\n[rhel-7.6.z] (BZ#1673281)\n\n* Offload Connections always get vlan priority 0 [rhel-7.6.z] (BZ#1673821)\n\n* [NOKIA] RHEL sends flood of Neighbour Solicitations under specific conditions [rhel-7.6.z] (BZ#1677179)\n\n* RHEL 7.6 - Host crash occurred on NVMe/IB system while running controller reset [rhel-7.6.z] (BZ#1678214)\n\n* [rhel7] raid0 md workqueue deadlock with stacked md devices [rhel-7.6.z] (BZ#1678215)\n\n* [PureStorage7.6]nvme disconnect following an unsuccessful Admin queue creation causes kernel panic [rhel-7.6.z] (BZ#1678216)\n\n* RFC: Regression with -fstack-check in 'backport upstream large stack guard patch to RHEL6' patch [rhel-7.6.z] (BZ#1678221)\n\n* [Hyper-V] [RHEL 7.6]hv_netvsc: Fix a network regression after ifdown/ifup [rhel-7.6.z] (BZ#1679997)\n\n* rtc_cmos: probe of 00:01 failed with error -16 [rhel-7.6.z] (BZ#1683078)\n\n* ACPI WDAT watchdog update [rhel-7.6.z] (BZ#1683079)\n\n* high ovs-vswitchd CPU usage when VRRP over VXLAN tunnel causing qrouter fail-over [rhel-7.6.z] (BZ#1683093)\n\n* Openshift node drops outgoing POD traffic due to NAT hashtable race in __ip_conntrack_confirm() [rhel-7.6.z] (BZ#1686766)\n\n* [Backport] [v3,2/2] net: igmp: Allow user-space configuration of igmp unsolicited report interval [rhel-7.6.z] (BZ#1686771)\n\n* [RHEL7.6]: Intermittently seen FIFO parity error on T6225-SO adapter [rhel-7.6.z] (BZ#1687487)\n\n* The number of unsolict report about IGMP is incorrect [rhel-7.6.z] (BZ# 1688225)\n\n* RDT driver causing failure to boot on AMD Rome system with more than 255 CPUs [rhel-7.6.z] (BZ#1689120)\n\n* mpt3sas_cm0: fault_state(0x2100)! [rhel-7.6.z] (BZ#1689379)\n\n* rwsem in inconsistent state leading system to hung [rhel-7.6.z] (BZ# 1690323)\n\nUsers of kernel are advised to upgrade to these updated packages, which fix these bugs.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-01T00:00:00", "type": "nessus", "title": "CentOS 7 : kernel (CESA-2019:0818)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221"], "modified": "2019-12-31T00:00:00", "cpe": ["p-cpe:/a:centos:centos:bpftool", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-abi-whitelists", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-tools", "p-cpe:/a:centos:centos:kernel-tools-libs", "p-cpe:/a:centos:centos:kernel-tools-libs-devel", "p-cpe:/a:centos:centos:perf", "p-cpe:/a:centos:centos:python-perf", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2019-0818.NASL", "href": "https://www.tenable.com/plugins/nessus/124416", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:0818 and \n# CentOS Errata and Security Advisory 2019:0818 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124416);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2019-6974\", \"CVE-2019-7221\");\n script_xref(name:\"RHSA\", value:\"2019:0818\");\n\n script_name(english:\"CentOS 7 : kernel (CESA-2019:0818)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* Kernel: KVM: potential use-after-free via kvm_ioctl_create_device()\n(CVE-2019-6974)\n\n* Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of\nthe preemption timer (CVE-2019-7221)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* rbd: avoid corruption on partially completed bios [rhel-7.6.z]\n(BZ#1672514)\n\n* xfs_vm_writepages deadly embrace between kworker and user task.\n[rhel-7.6.z] (BZ#1673281)\n\n* Offload Connections always get vlan priority 0 [rhel-7.6.z]\n(BZ#1673821)\n\n* [NOKIA] RHEL sends flood of Neighbour Solicitations under specific\nconditions [rhel-7.6.z] (BZ#1677179)\n\n* RHEL 7.6 - Host crash occurred on NVMe/IB system while running\ncontroller reset [rhel-7.6.z] (BZ#1678214)\n\n* [rhel7] raid0 md workqueue deadlock with stacked md devices\n[rhel-7.6.z] (BZ#1678215)\n\n* [PureStorage7.6]nvme disconnect following an unsuccessful Admin\nqueue creation causes kernel panic [rhel-7.6.z] (BZ#1678216)\n\n* RFC: Regression with -fstack-check in 'backport upstream large stack\nguard patch to RHEL6' patch [rhel-7.6.z] (BZ#1678221)\n\n* [Hyper-V] [RHEL 7.6]hv_netvsc: Fix a network regression after\nifdown/ifup [rhel-7.6.z] (BZ#1679997)\n\n* rtc_cmos: probe of 00:01 failed with error -16 [rhel-7.6.z]\n(BZ#1683078)\n\n* ACPI WDAT watchdog update [rhel-7.6.z] (BZ#1683079)\n\n* high ovs-vswitchd CPU usage when VRRP over VXLAN tunnel causing\nqrouter fail-over [rhel-7.6.z] (BZ#1683093)\n\n* Openshift node drops outgoing POD traffic due to NAT hashtable race\nin __ip_conntrack_confirm() [rhel-7.6.z] (BZ#1686766)\n\n* [Backport] [v3,2/2] net: igmp: Allow user-space configuration of\nigmp unsolicited report interval [rhel-7.6.z] (BZ#1686771)\n\n* [RHEL7.6]: Intermittently seen FIFO parity error on T6225-SO adapter\n[rhel-7.6.z] (BZ#1687487)\n\n* The number of unsolict report about IGMP is incorrect [rhel-7.6.z]\n(BZ# 1688225)\n\n* RDT driver causing failure to boot on AMD Rome system with more than\n255 CPUs [rhel-7.6.z] (BZ#1689120)\n\n* mpt3sas_cm0: fault_state(0x2100)! [rhel-7.6.z] (BZ#1689379)\n\n* rwsem in inconsistent state leading system to hung [rhel-7.6.z] (BZ#\n1690323)\n\nUsers of kernel are advised to upgrade to these updated packages,\nwhich fix these bugs.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2019-April/023278.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c7a8db01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-6974\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"bpftool-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-abi-whitelists-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-doc-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"perf-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-957.12.1.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / kernel / kernel-abi-whitelists / kernel-debug / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T15:48:11", "description": "An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* Kernel: KVM: potential use-after-free via kvm_ioctl_create_device() (CVE-2019-6974)\n\n* Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer (CVE-2019-7221)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* rbd: avoid corruption on partially completed bios [rhel-7.6.z] (BZ#1672514)\n\n* xfs_vm_writepages deadly embrace between kworker and user task.\n[rhel-7.6.z] (BZ#1673281)\n\n* Offload Connections always get vlan priority 0 [rhel-7.6.z] (BZ#1673821)\n\n* [NOKIA] RHEL sends flood of Neighbour Solicitations under specific conditions [rhel-7.6.z] (BZ#1677179)\n\n* RHEL 7.6 - Host crash occurred on NVMe/IB system while running controller reset [rhel-7.6.z] (BZ#1678214)\n\n* [rhel7] raid0 md workqueue deadlock with stacked md devices [rhel-7.6.z] (BZ#1678215)\n\n* [PureStorage7.6]nvme disconnect following an unsuccessful Admin queue creation causes kernel panic [rhel-7.6.z] (BZ#1678216)\n\n* RFC: Regression with -fstack-check in 'backport upstream large stack guard patch to RHEL6' patch [rhel-7.6.z] (BZ#1678221)\n\n* [Hyper-V] [RHEL 7.6]hv_netvsc: Fix a network regression after ifdown/ifup [rhel-7.6.z] (BZ#1679997)\n\n* rtc_cmos: probe of 00:01 failed with error -16 [rhel-7.6.z] (BZ#1683078)\n\n* ACPI WDAT watchdog update [rhel-7.6.z] (BZ#1683079)\n\n* high ovs-vswitchd CPU usage when VRRP over VXLAN tunnel causing qrouter fail-over [rhel-7.6.z] (BZ#1683093)\n\n* Openshift node drops outgoing POD traffic due to NAT hashtable race in __ip_conntrack_confirm() [rhel-7.6.z] (BZ#1686766)\n\n* [Backport] [v3,2/2] net: igmp: Allow user-space configuration of igmp unsolicited report interval [rhel-7.6.z] (BZ#1686771)\n\n* [RHEL7.6]: Intermittently seen FIFO parity error on T6225-SO adapter [rhel-7.6.z] (BZ#1687487)\n\n* The number of unsolict report about IGMP is incorrect [rhel-7.6.z] (BZ# 1688225)\n\n* RDT driver causing failure to boot on AMD Rome system with more than 255 CPUs [rhel-7.6.z] (BZ#1689120)\n\n* mpt3sas_cm0: fault_state(0x2100)! [rhel-7.6.z] (BZ#1689379)\n\n* rwsem in inconsistent state leading system to hung [rhel-7.6.z] (BZ# 1690323)\n\nUsers of kernel are advised to upgrade to these updated packages, which fix these bugs.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-24T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2019:0818)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:bpftool", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:7.6"], "id": "REDHAT-RHSA-2019-0818.NASL", "href": "https://www.tenable.com/plugins/nessus/124256", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:0818. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124256);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/10/24 15:35:46\");\n\n script_cve_id(\"CVE-2019-6974\", \"CVE-2019-7221\");\n script_xref(name:\"RHSA\", value:\"2019:0818\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2019:0818)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* Kernel: KVM: potential use-after-free via kvm_ioctl_create_device()\n(CVE-2019-6974)\n\n* Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of\nthe preemption timer (CVE-2019-7221)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* rbd: avoid corruption on partially completed bios [rhel-7.6.z]\n(BZ#1672514)\n\n* xfs_vm_writepages deadly embrace between kworker and user task.\n[rhel-7.6.z] (BZ#1673281)\n\n* Offload Connections always get vlan priority 0 [rhel-7.6.z]\n(BZ#1673821)\n\n* [NOKIA] RHEL sends flood of Neighbour Solicitations under specific\nconditions [rhel-7.6.z] (BZ#1677179)\n\n* RHEL 7.6 - Host crash occurred on NVMe/IB system while running\ncontroller reset [rhel-7.6.z] (BZ#1678214)\n\n* [rhel7] raid0 md workqueue deadlock with stacked md devices\n[rhel-7.6.z] (BZ#1678215)\n\n* [PureStorage7.6]nvme disconnect following an unsuccessful Admin\nqueue creation causes kernel panic [rhel-7.6.z] (BZ#1678216)\n\n* RFC: Regression with -fstack-check in 'backport upstream large stack\nguard patch to RHEL6' patch [rhel-7.6.z] (BZ#1678221)\n\n* [Hyper-V] [RHEL 7.6]hv_netvsc: Fix a network regression after\nifdown/ifup [rhel-7.6.z] (BZ#1679997)\n\n* rtc_cmos: probe of 00:01 failed with error -16 [rhel-7.6.z]\n(BZ#1683078)\n\n* ACPI WDAT watchdog update [rhel-7.6.z] (BZ#1683079)\n\n* high ovs-vswitchd CPU usage when VRRP over VXLAN tunnel causing\nqrouter fail-over [rhel-7.6.z] (BZ#1683093)\n\n* Openshift node drops outgoing POD traffic due to NAT hashtable race\nin __ip_conntrack_confirm() [rhel-7.6.z] (BZ#1686766)\n\n* [Backport] [v3,2/2] net: igmp: Allow user-space configuration of\nigmp unsolicited report interval [rhel-7.6.z] (BZ#1686771)\n\n* [RHEL7.6]: Intermittently seen FIFO parity error on T6225-SO adapter\n[rhel-7.6.z] (BZ#1687487)\n\n* The number of unsolict report about IGMP is incorrect [rhel-7.6.z]\n(BZ# 1688225)\n\n* RDT driver causing failure to boot on AMD Rome system with more than\n255 CPUs [rhel-7.6.z] (BZ#1689120)\n\n* mpt3sas_cm0: fault_state(0x2100)! [rhel-7.6.z] (BZ#1689379)\n\n* rwsem in inconsistent state leading system to hung [rhel-7.6.z] (BZ#\n1690323)\n\nUsers of kernel are advised to upgrade to these updated packages,\nwhich fix these bugs.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:0818\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-6974\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-7221\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-6974\", \"CVE-2019-7221\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2019:0818\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:0818\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"bpftool-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-abi-whitelists-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-devel-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-devel-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-doc-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-headers-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-devel-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-debuginfo-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-debuginfo-3.10.0-957.12.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-957.12.1.el7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T15:47:27", "description": "An update for kernel-rt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es) :\n\n* Kernel: KVM: potential use-after-free via kvm_ioctl_create_device() (CVE-2019-6974)\n\n* Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer (CVE-2019-7221)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* VM hangs on RHEL rt-kernel and OSP 13 [rhel-7.6.z] (BZ#1688673)\n\n* kernel-rt: update to the RHEL7.6.z batch#4 source tree (BZ#1689417)\n\nUsers of kernel are advised to upgrade to these updated packages, which fix these bugs.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-24T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel-rt (RHSA-2019:0833)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm-debuginfo", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2019-0833.NASL", "href": "https://www.tenable.com/plugins/nessus/124259", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:0833. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124259);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/10/24 15:35:46\");\n\n script_cve_id(\"CVE-2019-6974\", \"CVE-2019-7221\");\n script_xref(name:\"RHSA\", value:\"2019:0833\");\n\n script_name(english:\"RHEL 7 : kernel-rt (RHSA-2019:0833)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel-rt is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which\nenables fine-tuning for systems with extremely high determinism\nrequirements.\n\nSecurity Fix(es) :\n\n* Kernel: KVM: potential use-after-free via kvm_ioctl_create_device()\n(CVE-2019-6974)\n\n* Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of\nthe preemption timer (CVE-2019-7221)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* VM hangs on RHEL rt-kernel and OSP 13 [rhel-7.6.z] (BZ#1688673)\n\n* kernel-rt: update to the RHEL7.6.z batch#4 source tree (BZ#1689417)\n\nUsers of kernel are advised to upgrade to these updated packages,\nwhich fix these bugs.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:0833\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-6974\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-7221\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-6974\", \"CVE-2019-7221\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2019:0833\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:0833\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-3.10.0-957.12.1.rt56.927.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-3.10.0-957.12.1.rt56.927.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-debuginfo-3.10.0-957.12.1.rt56.927.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-devel-3.10.0-957.12.1.rt56.927.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-kvm-3.10.0-957.12.1.rt56.927.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-kvm-debuginfo-3.10.0-957.12.1.rt56.927.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-3.10.0-957.12.1.rt56.927.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-common-x86_64-3.10.0-957.12.1.rt56.927.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-devel-3.10.0-957.12.1.rt56.927.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-rt-doc-3.10.0-957.12.1.rt56.927.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-kvm-3.10.0-957.12.1.rt56.927.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-kvm-debuginfo-3.10.0-957.12.1.rt56.927.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-3.10.0-957.12.1.rt56.927.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-debuginfo-3.10.0-957.12.1.rt56.927.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-devel-3.10.0-957.12.1.rt56.927.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-kvm-3.10.0-957.12.1.rt56.927.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-kvm-debuginfo-3.10.0-957.12.1.rt56.927.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt / kernel-rt-debug / kernel-rt-debug-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T15:47:06", "description": "Security Fix(es) :\n\n - Kernel: KVM: potential use-after-free via kvm_ioctl_create_device() (CVE-2019-6974)\n\n - Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer (CVE-2019-7221)\n\nBug Fix(es) :\n\n - rbd: avoid corruption on partially completed bios [rhel-7.6.z]\n\n - xfs_vm_writepages deadly embrace between kworker and user task. [rhel-7.6.z]\n\n - Offload Connections always get vlan priority 0 [rhel-7.6.z]\n\n - [NOKIA] SL sends flood of Neighbour Solicitations under specific conditions [rhel-7.6.z]\n\n - SL 7.6 - Host crash occurred on NVMe/IB system while running controller reset [rhel-7.6.z]\n\n - [rhel7] raid0 md workqueue deadlock with stacked md devices [rhel-7.6.z]\n\n - [PureStorage7.6]nvme disconnect following an unsuccessful Admin queue creation causes kernel panic [rhel-7.6.z]\n\n - RFC: Regression with -fstack-check in 'backport upstream large stack guard patch to SL6' patch [rhel-7.6.z]\n\n - [Hyper-V] [SL 7.6]hv_netvsc: Fix a network regression after ifdown/ifup [rhel-7.6.z]\n\n - rtc_cmos: probe of 00:01 failed with error -16 [rhel-7.6.z]\n\n - ACPI WDAT watchdog update [rhel-7.6.z]\n\n - high ovs-vswitchd CPU usage when VRRP over VXLAN tunnel causing qrouter fail-over [rhel-7.6.z]\n\n - Openshift node drops outgoing POD traffic due to NAT hashtable race in __ip_conntrack_confirm() [rhel-7.6.z]\n\n - [Backport] [v3,2/2] net: igmp: Allow user-space configuration of igmp unsolicited report interval [rhel-7.6.z]\n\n - [SL7.6]: Intermittently seen FIFO parity error on T6225-SO adapter [rhel-7.6.z]\n\n - The number of unsolict report about IGMP is incorrect [rhel-7.6.z]\n\n - RDT driver causing failure to boot on AMD Rome system with more than 255 CPUs [rhel-7.6.z]\n\n - mpt3sas_cm0: fault_state(0x2100)! [rhel-7.6.z]\n\n - rwsem in inconsistent state leading system to hung [rhel-7.6.z]", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-25T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL7.x x86_64 (20190423)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:bpftool", "p-cpe:/a:fermilab:scientific_linux:kernel", "p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists", "p-cpe:/a:fermilab:scientific_linux:kernel-debug", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:fermilab:scientific_linux:kernel-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-doc", "p-cpe:/a:fermilab:scientific_linux:kernel-headers", "p-cpe:/a:fermilab:scientific_linux:kernel-tools", "p-cpe:/a:fermilab:scientific_linux:kernel-tools-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs", "p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs-devel", "p-cpe:/a:fermilab:scientific_linux:perf", "p-cpe:/a:fermilab:scientific_linux:perf-debuginfo", "p-cpe:/a:fermilab:scientific_linux:python-perf", "p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20190423_KERNEL_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/124290", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124290);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2019-6974\", \"CVE-2019-7221\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL7.x x86_64 (20190423)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - Kernel: KVM: potential use-after-free via\n kvm_ioctl_create_device() (CVE-2019-6974)\n\n - Kernel: KVM: nVMX: use-after-free of the hrtimer for\n emulation of the preemption timer (CVE-2019-7221)\n\nBug Fix(es) :\n\n - rbd: avoid corruption on partially completed bios\n [rhel-7.6.z]\n\n - xfs_vm_writepages deadly embrace between kworker and\n user task. [rhel-7.6.z]\n\n - Offload Connections always get vlan priority 0\n [rhel-7.6.z]\n\n - [NOKIA] SL sends flood of Neighbour Solicitations under\n specific conditions [rhel-7.6.z]\n\n - SL 7.6 - Host crash occurred on NVMe/IB system while\n running controller reset [rhel-7.6.z]\n\n - [rhel7] raid0 md workqueue deadlock with stacked md\n devices [rhel-7.6.z]\n\n - [PureStorage7.6]nvme disconnect following an\n unsuccessful Admin queue creation causes kernel panic\n [rhel-7.6.z]\n\n - RFC: Regression with -fstack-check in 'backport upstream\n large stack guard patch to SL6' patch [rhel-7.6.z]\n\n - [Hyper-V] [SL 7.6]hv_netvsc: Fix a network regression\n after ifdown/ifup [rhel-7.6.z]\n\n - rtc_cmos: probe of 00:01 failed with error -16\n [rhel-7.6.z]\n\n - ACPI WDAT watchdog update [rhel-7.6.z]\n\n - high ovs-vswitchd CPU usage when VRRP over VXLAN tunnel\n causing qrouter fail-over [rhel-7.6.z]\n\n - Openshift node drops outgoing POD traffic due to NAT\n hashtable race in __ip_conntrack_confirm() [rhel-7.6.z]\n\n - [Backport] [v3,2/2] net: igmp: Allow user-space\n configuration of igmp unsolicited report interval\n [rhel-7.6.z]\n\n - [SL7.6]: Intermittently seen FIFO parity error on\n T6225-SO adapter [rhel-7.6.z]\n\n - The number of unsolict report about IGMP is incorrect\n [rhel-7.6.z]\n\n - RDT driver causing failure to boot on AMD Rome system\n with more than 255 CPUs [rhel-7.6.z]\n\n - mpt3sas_cm0: fault_state(0x2100)! [rhel-7.6.z]\n\n - rwsem in inconsistent state leading system to hung\n [rhel-7.6.z]\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1904&L=SCIENTIFIC-LINUX-ERRATA&P=6935\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7cab843a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"bpftool-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"kernel-abi-whitelists-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"kernel-doc-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-957.12.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-957.12.1.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / kernel / kernel-abi-whitelists / kernel-debug / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T15:47:49", "description": "The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-0818 advisory.\n\n - In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. (CVE-2019-6974)\n\n - The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. (CVE-2019-7221)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-24T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : kernel (ELSA-2019-0818)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:bpftool", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-tools", "p-cpe:/a:oracle:linux:kernel-tools-libs", "p-cpe:/a:oracle:linux:kernel-tools-libs-devel", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2019-0818.NASL", "href": "https://www.tenable.com/plugins/nessus/124254", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2019-0818.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124254);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2019-6974\", \"CVE-2019-7221\");\n script_xref(name:\"RHSA\", value:\"2019:0818\");\n\n script_name(english:\"Oracle Linux 7 : kernel (ELSA-2019-0818)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2019-0818 advisory.\n\n - In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference\n counting because of a race condition, leading to a use-after-free. (CVE-2019-6974)\n\n - The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. (CVE-2019-7221)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2019-0818.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-6974\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['3.10.0-957.12.1.el7'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2019-0818');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '3.10';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'bpftool-3.10.0-957.12.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-957.12.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-3.10.0'},\n {'reference':'kernel-abi-whitelists-3.10.0-957.12.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-abi-whitelists-3.10.0'},\n {'reference':'kernel-debug-3.10.0-957.12.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-3.10.0'},\n {'reference':'kernel-debug-devel-3.10.0-957.12.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-3.10.0'},\n {'reference':'kernel-devel-3.10.0-957.12.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-3.10.0'},\n {'reference':'kernel-headers-3.10.0-957.12.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-3.10.0'},\n {'reference':'kernel-tools-3.10.0-957.12.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-3.10.0'},\n {'reference':'kernel-tools-libs-3.10.0-957.12.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-3.10.0'},\n {'reference':'kernel-tools-libs-devel-3.10.0-957.12.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-devel-3.10.0'},\n {'reference':'perf-3.10.0-957.12.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-957.12.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / etc');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T14:59:53", "description": "According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :\n\n - A use-after-free vulnerability was found in the way KVM implements its device control API. When a device is created via kvm_ioctl_create_device(), it holds a reference to a VM object. This reference is transferred to file descriptor table of the caller. If such file descriptor was closed, reference count to the VM object could become zero, which could lead to a use-after-free issue. A user/process could use this flaw to crash the guest VM resulting in a denial of service or, potentially, gain privileged access to a system.\n\n - A use-after-free vulnerability was found in the way KVM emulates a preemption timer for L2 guests when nested virtualization is enabled. A guest user/process could use this flaw to crash the host kernel resulting in a denial of service or, potentially, gain privileged access to a system.\n\n - It was discovered that a certain sequence of operations related to IPv4 routing could trigger a kernel memory leak. An attacker could potentially exploit that from a container to cause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-02-04T00:00:00", "type": "nessus", "title": "Virtuozzo 7 : readykernel-patch (VZA-2019-045)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:readykernel", "cpe:/o:virtuozzo:virtuozzo:7"], "id": "VIRTUOZZO_VZA-2019-045.NASL", "href": "https://www.tenable.com/plugins/nessus/133454", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133454);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2019-6974\",\n \"CVE-2019-7221\"\n );\n\n script_name(english:\"Virtuozzo 7 : readykernel-patch (VZA-2019-045)\");\n script_summary(english:\"Checks the readykernel output for the updated patch.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the vzkernel package and the\nreadykernel-patch installed, the Virtuozzo installation on the remote\nhost is affected by the following vulnerabilities :\n\n - A use-after-free vulnerability was found in the way KVM\n implements its device control API. When a device is\n created via kvm_ioctl_create_device(), it holds a\n reference to a VM object. This reference is transferred\n to file descriptor table of the caller. If such file\n descriptor was closed, reference count to the VM object\n could become zero, which could lead to a use-after-free\n issue. A user/process could use this flaw to crash the\n guest VM resulting in a denial of service or,\n potentially, gain privileged access to a system.\n\n - A use-after-free vulnerability was found in the way KVM\n emulates a preemption timer for L2 guests when nested\n virtualization is enabled. A guest user/process could\n use this flaw to crash the host kernel resulting in a\n denial of service or, potentially, gain privileged\n access to a system.\n\n - It was discovered that a certain sequence of operations\n related to IPv4 routing could trigger a kernel memory\n leak. An attacker could potentially exploit that from a\n container to cause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://virtuozzosupport.force.com/s/article/VZA-2019-045\");\n script_set_attribute(attribute:\"see_also\", value:\"https://readykernel.com/patch/1524/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://readykernel.com/patch/1526/\");\n script_set_attribute(attribute:\"solution\", value:\"Update the readykernel patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:readykernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\", \"Host/readykernel-info\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"readykernel.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nrk_info = get_kb_item(\"Host/readykernel-info\");\nif (empty_or_null(rk_info)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\n\nchecks = make_list2(\n make_array(\n \"kernel\",\"vzkernel-3.10.0-693.1.1.vz7.37.30\",\n \"patch\",\"readykernel-patch-37.30-77.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-693.11.6.vz7.40.4\",\n \"patch\",\"readykernel-patch-40.4-77.0-1.vl7\"\n )\n);\nreadykernel_execute_checks(checks:checks, severity:SECURITY_WARNING, release:\"Virtuozzo-7\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T14:59:53", "description": "According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :\n\n - A use-after-free vulnerability was found in the way KVM implements its device control API. When a device is created via kvm_ioctl_create_device(), it holds a reference to a VM object. This reference is transferred to file descriptor table of the caller. If such file descriptor was closed, reference count to the VM object could become zero, which could lead to a use-after-free issue. A user/process could use this flaw to crash the guest VM resulting in a denial of service or, potentially, gain privileged access to a system.\n\n - A use-after-free vulnerability was found in the way KVM emulates a preemption timer for L2 guests when nested virtualization is enabled. A guest user/process could use this flaw to crash the host kernel resulting in a denial of service or, potentially, gain privileged access to a system.\n\n - It was discovered that a certain sequence of operations related to IPv4 routing could trigger a kernel memory leak. An attacker could potentially exploit that from a container to cause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-02-04T00:00:00", "type": "nessus", "title": "Virtuozzo 7 : readykernel-patch (VZA-2019-042)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:readykernel", "cpe:/o:virtuozzo:virtuozzo:7"], "id": "VIRTUOZZO_VZA-2019-042.NASL", "href": "https://www.tenable.com/plugins/nessus/133453", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133453);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2019-6974\",\n \"CVE-2019-7221\"\n );\n\n script_name(english:\"Virtuozzo 7 : readykernel-patch (VZA-2019-042)\");\n script_summary(english:\"Checks the readykernel output for the updated patch.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the vzkernel package and the\nreadykernel-patch installed, the Virtuozzo installation on the remote\nhost is affected by the following vulnerabilities :\n\n - A use-after-free vulnerability was found in the way KVM\n implements its device control API. When a device is\n created via kvm_ioctl_create_device(), it holds a\n reference to a VM object. This reference is transferred\n to file descriptor table of the caller. If such file\n descriptor was closed, reference count to the VM object\n could become zero, which could lead to a use-after-free\n issue. A user/process could use this flaw to crash the\n guest VM resulting in a denial of service or,\n potentially, gain privileged access to a system.\n\n - A use-after-free vulnerability was found in the way KVM\n emulates a preemption timer for L2 guests when nested\n virtualization is enabled. A guest user/process could\n use this flaw to crash the host kernel resulting in a\n denial of service or, potentially, gain privileged\n access to a system.\n\n - It was discovered that a certain sequence of operations\n related to IPv4 routing could trigger a kernel memory\n leak. An attacker could potentially exploit that from a\n container to cause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://virtuozzosupport.force.com/s/article/VZA-2019-042\");\n script_set_attribute(attribute:\"see_also\", value:\"https://readykernel.com/patch/1509/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://readykernel.com/patch/1510/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://readykernel.com/patch/1512/\");\n script_set_attribute(attribute:\"solution\", value:\"Update the readykernel patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:readykernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\", \"Host/readykernel-info\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"readykernel.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nrk_info = get_kb_item(\"Host/readykernel-info\");\nif (empty_or_null(rk_info)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\n\nchecks = make_list2(\n make_array(\n \"kernel\",\"vzkernel-3.10.0-862.11.6.vz7.64.7\",\n \"patch\",\"readykernel-patch-64.7-80.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-862.20.2.vz7.73.24\",\n \"patch\",\"readykernel-patch-73.24-80.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-862.20.2.vz7.73.29\",\n \"patch\",\"readykernel-patch-73.29-80.0-1.vl7\"\n )\n);\nreadykernel_execute_checks(checks:checks, severity:SECURITY_WARNING, release:\"Virtuozzo-7\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T15:00:27", "description": "According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :\n\n - A use-after-free vulnerability was found in the way KVM implements its device control API. When a device is created via kvm_ioctl_create_device(), it holds a reference to a VM object. This reference is transferred to file descriptor table of the caller. If such file descriptor was closed, reference count to the VM object could become zero, which could lead to a use-after-free issue. A user/process could use this flaw to crash the guest VM resulting in a denial of service or, potentially, gain privileged access to a system.\n\n - A use-after-free vulnerability was found in the way KVM emulates a preemption timer for L2 guests when nested virtualization is enabled. A guest user/process could use this flaw to crash the host kernel resulting in a denial of service or, potentially, gain privileged access to a system.\n\n - It was discovered that a certain sequence of operations related to IPv4 routing could trigger a kernel memory leak. An attacker could potentially exploit that from a container to cause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-02-04T00:00:00", "type": "nessus", "title": "Virtuozzo 7 : readykernel-patch (VZA-2019-046)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:readykernel", "cpe:/o:virtuozzo:virtuozzo:7"], "id": "VIRTUOZZO_VZA-2019-046.NASL", "href": "https://www.tenable.com/plugins/nessus/133455", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133455);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2019-6974\",\n \"CVE-2019-7221\"\n );\n\n script_name(english:\"Virtuozzo 7 : readykernel-patch (VZA-2019-046)\");\n script_summary(english:\"Checks the readykernel output for the updated patch.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the vzkernel package and the\nreadykernel-patch installed, the Virtuozzo installation on the remote\nhost is affected by the following vulnerabilities :\n\n - A use-after-free vulnerability was found in the way KVM\n implements its device control API. When a device is\n created via kvm_ioctl_create_device(), it holds a\n reference to a VM object. This reference is transferred\n to file descriptor table of the caller. If such file\n descriptor was closed, reference count to the VM object\n could become zero, which could lead to a use-after-free\n issue. A user/process could use this flaw to crash the\n guest VM resulting in a denial of service or,\n potentially, gain privileged access to a system.\n\n - A use-after-free vulnerability was found in the way KVM\n emulates a preemption timer for L2 guests when nested\n virtualization is enabled. A guest user/process could\n use this flaw to crash the host kernel resulting in a\n denial of service or, potentially, gain privileged\n access to a system.\n\n - It was discovered that a certain sequence of operations\n related to IPv4 routing could trigger a kernel memory\n leak. An attacker could potentially exploit that from a\n container to cause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://virtuozzosupport.force.com/s/article/VZA-2019-046\");\n script_set_attribute(attribute:\"see_also\", value:\"https://readykernel.com/patch/1528/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://readykernel.com/patch/1530/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://readykernel.com/patch/1532/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://readykernel.com/patch/1534/\");\n script_set_attribute(attribute:\"solution\", value:\"Update the readykernel patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:readykernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\", \"Host/readykernel-info\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"readykernel.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nrk_info = get_kb_item(\"Host/readykernel-info\");\nif (empty_or_null(rk_info)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\n\nchecks = make_list2(\n make_array(\n \"kernel\",\"vzkernel-3.10.0-693.17.1.vz7.43.10\",\n \"patch\",\"readykernel-patch-43.10-80.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-693.21.1.vz7.46.7\",\n \"patch\",\"readykernel-patch-46.7-80.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-693.21.1.vz7.48.2\",\n \"patch\",\"readykernel-patch-48.2-80.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-862.9.1.vz7.63.3\",\n \"patch\",\"readykernel-patch-63.3-80.0-1.vl7\"\n )\n);\nreadykernel_execute_checks(checks:checks, severity:SECURITY_WARNING, release:\"Virtuozzo-7\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-16T16:21:34", "description": "This update for qemu fixes several issues. This security issue was fixed :\n\n - CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests (bsc#1092885). Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This patch permits the new x86 cpu feature flag named 'ssbd' to be presented to the guest, given that the host has this feature, and KVM exposes it to the guest as well.\n For this feature to be enabled please use the qemu commandline\n\n -cpu $MODEL,+spec-ctrl,+ssbd so the guest OS can take advantage of the feature. spec-ctrl and ssbd support is also required in the host.\n\n - CVE-2017-5715: This update has the next round of Spectre v2 related patches, which now integrates with corresponding changes in libvirt. A January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by exposing the spec-ctrl feature for all x86 vcpu types. We remove that initial patch and now rely on patches from upstream (bsc#1068032). This update defines spec_ctrl and ibpb cpu feature flags as well as new cpu models which are clones of existing models with either -IBRS or -IBPB added to the end of the model name. These new vcpu models explicitly include the new feature(s), whereas the feature flags can be added to the cpu parameter as with other features. In short, for continued Spectre v2 protection, ensure that either the appropriate cpu feature flag is added to the QEMU command-line, or one of the new cpu models is used.\n Although migration from older versions is supported, the new cpu features won't be properly exposed to the guest until it is restarted with the cpu features explicitly added. A reboot is insufficient.\n\n - A patch is added to continue to detect Spectre v2 mitigation features (as shown by cpuid), and if found provide that feature to guests, even if running on older KVM (kernel) versions which do not yet expose that feature to QEMU. (bsc#1082276)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.6, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"}, "published": "2018-05-23T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : qemu (SUSE-SU-2018:1363-1) (Spectre)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5715", "CVE-2018-3639"], "modified": "2021-04-15T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:qemu", "p-cpe:/a:novell:suse_linux:qemu-block-curl", "p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-block-rbd", "p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-debugsource", "p-cpe:/a:novell:suse_linux:qemu-guest-agent", "p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-kvm", "p-cpe:/a:novell:suse_linux:qemu-lang", "p-cpe:/a:novell:suse_linux:qemu-s390", "p-cpe:/a:novell:suse_linux:qemu-s390-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-tools", "p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-x86", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-1363-1.NASL", "href": "https://www.tenable.com/plugins/nessus/110030", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1363-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110030);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/15\");\n\n script_cve_id(\"CVE-2017-5715\", \"CVE-2018-3639\");\n script_xref(name:\"IAVA\", value:\"2018-A-0020\");\n\n script_name(english:\"SUSE SLES12 Security Update : qemu (SUSE-SU-2018:1363-1) (Spectre)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for qemu fixes several issues. This security issue was\nfixed :\n\n - CVE-2018-3639: Spectre v4 vulnerability mitigation\n support for KVM guests (bsc#1092885). Systems with\n microprocessors utilizing speculative execution and\n speculative execution of memory reads before the\n addresses of all prior memory writes are known may allow\n unauthorized disclosure of information to an attacker\n with local user access via a side-channel analysis. This\n patch permits the new x86 cpu feature flag named 'ssbd'\n to be presented to the guest, given that the host has\n this feature, and KVM exposes it to the guest as well.\n For this feature to be enabled please use the qemu\n commandline\n\n -cpu $MODEL,+spec-ctrl,+ssbd so the guest OS can take\n advantage of the feature. spec-ctrl and ssbd support is\n also required in the host.\n\n - CVE-2017-5715: This update has the next round of Spectre\n v2 related patches, which now integrates with\n corresponding changes in libvirt. A January 2018 release\n of qemu initially addressed the Spectre v2 vulnerability\n for KVM guests by exposing the spec-ctrl feature for all\n x86 vcpu types. We remove that initial patch and now\n rely on patches from upstream (bsc#1068032). This update\n defines spec_ctrl and ibpb cpu feature flags as well as\n new cpu models which are clones of existing models with\n either -IBRS or -IBPB added to the end of the model\n name. These new vcpu models explicitly include the new\n feature(s), whereas the feature flags can be added to\n the cpu parameter as with other features. In short, for\n continued Spectre v2 protection, ensure that either the\n appropriate cpu feature flag is added to the QEMU\n command-line, or one of the new cpu models is used.\n Although migration from older versions is supported, the\n new cpu features won't be properly exposed to the guest\n until it is restarted with the cpu features explicitly\n added. A reboot is insufficient.\n\n - A patch is added to continue to detect Spectre v2\n mitigation features (as shown by cpuid), and if found\n provide that feature to guests, even if running on older\n KVM (kernel) versions which do not yet expose that\n feature to QEMU. (bsc#1082276)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1068032\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082276\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1092885\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5715/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-3639/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181363-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?db5bcdc1\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2018-950=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2018-950=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-s390-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/23\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"qemu-block-rbd-2.3.1-33.9.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"qemu-block-rbd-debuginfo-2.3.1-33.9.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"qemu-x86-2.3.1-33.9.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"s390x\", reference:\"qemu-s390-2.3.1-33.9.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"s390x\", reference:\"qemu-s390-debuginfo-2.3.1-33.9.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-2.3.1-33.9.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-block-curl-2.3.1-33.9.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-block-curl-debuginfo-2.3.1-33.9.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-debugsource-2.3.1-33.9.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-guest-agent-2.3.1-33.9.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-guest-agent-debuginfo-2.3.1-33.9.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-kvm-2.3.1-33.9.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-lang-2.3.1-33.9.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-tools-2.3.1-33.9.4\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"qemu-tools-debuginfo-2.3.1-33.9.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:24:20", "description": "An update for kernel-alt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel-alt packages provide the Linux kernel version 4.x.\n\nSecurity Fix(es) :\n\n* An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639, PowerPC)\n\n* This release also includes next iteration of the CVE-2017-5715 mitigation that includes the SMCCC (Secure Monitor Call Calling Convention) 1.1 support. (CVE-2017-5715, ARM)\n\nRed Hat would like to thank Google Project Zero for reporting CVE-2017-5715 and Ken Johnson (Microsoft Security Response Center) and Jann Horn (Google Project Zero) for reporting CVE-2018-3639.\n\nBug Fix(es) :\n\nThese updated kernel-alt packages include numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article:\nhttps://access.redhat.com/articles/3485851", "cvss3": {"score": 5.6, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"}, "published": "2018-06-27T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel-alt (RHSA-2018:1967) (Spectre)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5715", "CVE-2018-3639"], "modified": "2021-04-15T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:7"], "id": "REDHAT-RHSA-2018-1967.NASL", "href": "https://www.tenable.com/plugins/nessus/110709", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:1967. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110709);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/15\");\n\n script_cve_id(\"CVE-2017-5715\", \"CVE-2018-3639\");\n script_xref(name:\"RHSA\", value:\"2018:1967\");\n script_xref(name:\"IAVA\", value:\"2018-A-0020\");\n\n script_name(english:\"RHEL 7 : kernel-alt (RHSA-2018:1967) (Spectre)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for kernel-alt is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel-alt packages provide the Linux kernel version 4.x.\n\nSecurity Fix(es) :\n\n* An industry-wide issue was found in the way many modern\nmicroprocessor designs have implemented speculative execution of Load\n& Store instructions (a commonly used performance optimization). It\nrelies on the presence of a precisely-defined instruction sequence in\nthe privileged code as well as the fact that memory read from address\nto which a recent memory write has occurred may see an older value and\nsubsequently cause an update into the microprocessor's data cache even\nfor speculatively executed instructions that never actually commit\n(retire). As a result, an unprivileged attacker could use this flaw to\nread privileged memory by conducting targeted cache side-channel\nattacks. (CVE-2018-3639, PowerPC)\n\n* This release also includes next iteration of the CVE-2017-5715\nmitigation that includes the SMCCC (Secure Monitor Call Calling\nConvention) 1.1 support. (CVE-2017-5715, ARM)\n\nRed Hat would like to thank Google Project Zero for reporting\nCVE-2017-5715 and Ken Johnson (Microsoft Security Response Center) and\nJann Horn (Google Project Zero) for reporting CVE-2018-3639.\n\nBug Fix(es) :\n\nThese updated kernel-alt packages include numerous bug fixes. Space\nprecludes documenting all of the bug fixes in this advisory. See the\ndescriptions in the related Knowledge Article:\nhttps://access.redhat.com/articles/3485851\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2018-3639\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-5715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/3485851\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:1967\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/27\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-5715\", \"CVE-2018-3639\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2018:1967\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:1967\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-4.14.0-49.8.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-abi-whitelists-4.14.0-49.8.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-4.14.0-49.8.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-4.14.0-49.8.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-devel-4.14.0-49.8.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-4.14.0-49.8.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-4.14.0-49.8.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-devel-4.14.0-49.8.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-doc-4.14.0-49.8.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-headers-4.14.0-49.8.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-4.14.0-49.8.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-4.14.0-49.8.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-devel-4.14.0-49.8.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-4.14.0-49.8.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-debuginfo-4.14.0-49.8.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-4.14.0-49.8.1.el7a\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-debuginfo-4.14.0-49.8.1.el7a\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:20:53", "description": "This update for qemu fixes several issues. This security issue was fixed :\n\n - CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests (bsc#1092885). Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This patch permits the new x86 cpu feature flag named 'ssbd' to be presented to the guest, given that the host has this feature, and KVM exposes it to the guest as well.\n For this feature to be enabled please use the qemu commandline\n\n -cpu $MODEL,+spec-ctrl,+ssbd so the guest OS can take advantage of the feature. spec-ctrl and ssbd support is also required in the host.\n\n - CVE-2017-5715: This update has the next round of Spectre v2 related patches, which now integrates with corresponding changes in libvirt. A January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by exposing the spec-ctrl feature for all x86 vcpu types. We remove that initial patch and now rely on patches from upstream (bsc#1068032). This update defines spec_ctrl and ibpb cpu feature flags as well as new cpu models which are clones of existing models with either -IBRS or -IBPB added to the end of the model name. These new vcpu models explicitly include the new feature(s), whereas the feature flags can be added to the cpu parameter as with other features. In short, for continued Spectre v2 protection, ensure that either the appropriate cpu feature flag is added to the QEMU command-line, or one of the new cpu models is used.\n Although migration from older versions is supported, the new cpu features won't be properly exposed to the guest until it is restarted with the cpu features explicitly added. A reboot is insufficient.\n\n - A patch is added to continue to detect Spectre v2 mitigation features (as shown by cpuid), and if found provide that feature to guests, even if running on older KVM (kernel) versions which do not yet expose that feature to QEMU. (bsc#1082276)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.6, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"}, "published": "2018-05-24T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : qemu (SUSE-SU-2018:1386-1) (Spectre)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5715", "CVE-2018-3639"], "modified": "2021-04-15T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:qemu", "p-cpe:/a:novell:suse_linux:qemu-block-curl", "p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-block-rbd", "p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-debugsource", "p-cpe:/a:novell:suse_linux:qemu-guest-agent", "p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-kvm", "p-cpe:/a:novell:suse_linux:qemu-lang", "p-cpe:/a:novell:suse_linux:qemu-s390", "p-cpe:/a:novell:suse_linux:qemu-s390-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-tools", "p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo", "p-cpe:/a:novell:suse_linux:qemu-x86", "p-cpe:/a:novell:suse_linux:qemu-x86-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-1386-1.NASL", "href": "https://www.tenable.com/plugins/nessus/110090", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1386-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110090);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/15\");\n\n script_cve_id(\"CVE-2017-5715\", \"CVE-2018-3639\");\n script_xref(name:\"IAVA\", value:\"2018-A-0020\");\n\n script_name(english:\"SUSE SLES12 Security Update : qemu (SUSE-SU-2018:1386-1) (Spectre)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for qemu fixes several issues. This security issue was\nfixed :\n\n - CVE-2018-3639: Spectre v4 vulnerability mitigation\n support for KVM guests (bsc#1092885). Systems with\n microprocessors utilizing speculative execution and\n speculative execution of memory reads before the\n addresses of all prior memory writes are known may allow\n unauthorized disclosure of information to an attacker\n with local user access via a side-channel analysis. This\n patch permits the new x86 cpu feature flag named 'ssbd'\n to be presented to the guest, given that the host has\n this feature, and KVM exposes it to the guest as well.\n For this feature to be enabled please use the qemu\n commandline\n\n -cpu $MODEL,+spec-ctrl,+ssbd so the guest OS can take\n advantage of the feature. spec-ctrl and ssbd support is\n also required in the host.\n\n - CVE-2017-5715: This update has the next round of Spectre\n v2 related patches, which now integrates with\n corresponding changes in libvirt. A January 2018 release\n of qemu initially addressed the Spectre v2 vulnerability\n for KVM guests by exposing the spec-ctrl feature for all\n x86 vcpu types. We remove that initial patch and now\n rely on patches from upstream (bsc#1068032). This update\n defines spec_ctrl and ibpb cpu feature flags as well as\n new cpu models which are clones of existing models with\n either -IBRS or -IBPB added to the end of the model\n name. These new vcpu models explicitly include the new\n feature(s), whereas the feature flags can be added to\n the cpu parameter as with other features. In short, for\n continued Spectre v2 protection, ensure that either the\n appropriate cpu feature flag is added to the QEMU\n command-line, or one of the new cpu models is used.\n Although migration from older versions is supported, the\n new cpu features won't be properly exposed to the guest\n until it is restarted with the cpu features explicitly\n added. A reboot is insufficient.\n\n - A patch is added to continue to detect Spectre v2\n mitigation features (as shown by cpuid), and if found\n provide that feature to guests, even if running on older\n KVM (kernel) versions which do not yet expose that\n feature to QEMU. (bsc#1082276)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1068032\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082276\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1092885\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5715/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-3639/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181386-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a3fd1a21\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2018-968=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-block-rbd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-guest-agent-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-s390-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:qemu-x86-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/05/24\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"qemu-block-rbd-2.0.2-48.40.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"qemu-block-rbd-debuginfo-2.0.2-48.40.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"qemu-x86-2.0.2-48.40.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"qemu-x86-debuginfo-2.0.2-48.40.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"s390x\", reference:\"qemu-s390-2.0.2-48.40.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"s390x\", reference:\"qemu-s390-debuginfo-2.0.2-48.40.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"qemu-2.0.2-48.40.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"qemu-block-curl-2.0.2-48.40.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"qemu-block-curl-debuginfo-2.0.2-48.40.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"qemu-debugsource-2.0.2-48.40.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"qemu-guest-agent-2.0.2-48.40.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"qemu-guest-agent-debuginfo-2.0.2-48.40.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"qemu-kvm-2.0.2-48.40.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"qemu-lang-2.0.2-48.40.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"qemu-tools-2.0.2-48.40.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"qemu-tools-debuginfo-2.0.2-48.40.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"qemu\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T16:24:43", "description": "Add new CPU features for CVE-2017-5715 and CVE-2018-3639 On Intel x86 hosts, the 'ssbd' feature must be explicitly added to any virtual machines that are not using host-passthrough/host-model CPU setup. NB this requires new microcode too, which is not yet available in Fedora microcode_ctl RPMs. On AMD x86 hosts, the 'virt-ssbd' feature must be explicitly added to any virtual machines that are not using host-passthrough/host-model CPU setup. There is no microcode dependency for AMD as this is a virtualized CPUID feature. In both cases, kernel >= 4.16.10-301 is required on the host and guest in order to activate the fix.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.6, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"}, "published": "2018-07-09T00:00:00", "type": "nessus", "title": "Fedora 27 : 2:qemu (2018-9f02e5ed7b) (Spectre)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5715", "CVE-2018-3639"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:2:qemu", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-9F02E5ED7B.NASL", "href": "https://www.tenable.com/plugins/nessus/110951", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-9f02e5ed7b.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110951);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-5715\", \"CVE-2018-3639\");\n script_xref(name:\"FEDORA\", value:\"2018-9f02e5ed7b\");\n\n script_name(english:\"Fedora 27 : 2:qemu (2018-9f02e5ed7b) (Spectre)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Add new CPU features for CVE-2017-5715 and CVE-2018-3639 On Intel x86\nhosts, the 'ssbd' feature must be explicitly added to any virtual\nmachines that are not using host-passthrough/host-model CPU setup. NB\nthis requires new microcode too, which is not yet available in Fedora\nmicrocode_ctl RPMs. On AMD x86 hosts, the 'virt-ssbd' feature must be\nexplicitly added to any virtual machines that are not using\nhost-passthrough/host-model CPU setup. There is no microcode\ndependency for AMD as this is a virtualized CPUID feature. In both\ncases, kernel >= 4.16.10-301 is required on the host and guest in\norder to activate the fix.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-9f02e5ed7b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 2:qemu package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:2:qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/09\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"qemu-2.10.1-4.fc27\", epoch:\"2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"2:qemu\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2022-08-10T15:43:33", "description": "The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2019-3459,CVE-2019-3460: Two information leaks in the bluetooth stack were fixed. (bnc#1120758).\n\n - CVE-2019-7221: A use-after-free in the KVM nVMX hrtimer was fixed. (bnc#1124732).\n\n - CVE-2019-7222: A information leak in exception handling in KVM could be used to expose host memory to guests.\n (bnc#1124735).\n\n - CVE-2019-6974: A use-after-free in the KVM device control API was fixed. (bnc#1124728).\n\n - CVE-2018-20669: Missing access control checks in ioctl of gpu/drm/i915 driver were fixed which might have lead to information leaks. (bnc#1122971).\n\nThe following non-security bugs were fixed :\n\n - 6lowpan: iphc: reset mac_header after decompress to fix panic (bsc#1051510).\n\n - 9p: clear dangling pointers in p9stat_free (bsc#1051510).\n\n - 9p locks: fix glock.client_id leak in do_lock (bsc#1051510).\n\n - 9p/net: put a lower bound on msize (bsc#1051510).\n\n - acpi/nfit: Block function zero DSMs (bsc#1051510).\n\n - acpi, nfit: Fix Address Range Scrub completion tracking (bsc#1124969).\n\n - acpi/nfit: Fix command-supported detection (bsc#1051510).\n\n - acpi/nfit: Fix race accessing memdev in nfit_get_smbios_id() (bsc#1122662).\n\n - acpi/nfit: Fix user-initiated ARS to be 'ARS-long' rather than 'ARS-short' (bsc#1124969).\n\n - ACPI: power: Skip duplicate power resource references in\n _PRx (bsc#1051510).\n\n - Add delay-init quirk for Corsair K70 RGB keyboards (bsc#1087092).\n\n - af_iucv: Move sockaddr length checks to before accessing sa_family in bind and connect handlers (bsc#1051510).\n\n - alsa: bebob: fix model-id of unit for Apogee Ensemble (bsc#1051510).\n\n - alsa: compress: Fix stop handling on compressed capture streams (bsc#1051510).\n\n - alsa: hda - Add mute LED support for HP ProBook 470 G5 (bsc#1051510).\n\n - alsa: hda/ca0132 - Fix build error without CONFIG_PCI (bsc#1051510).\n\n - alsa: hda/realtek - Fixed hp_pin no value (bsc#1051510).\n\n - alsa: hda/realtek - Fix lose hp_pins for disable auto mute (bsc#1051510).\n\n - alsa: hda/realtek - Use a common helper for hp pin reference (bsc#1051510).\n\n - alsa: hda - Serialize codec registrations (bsc#1122944).\n\n - alsa: hda - Use standard device registration for beep (bsc#1122944).\n\n - alsa: oxfw: add support for APOGEE duet FireWire (bsc#1051510).\n\n - alsa: usb-audio: Add Opus #3 to quirks for native DSD support (bsc#1051510).\n\n - alsa: usb-audio: Add support for new T+A USB DAC (bsc#1051510).\n\n - amd-xgbe: Fix mdio access for non-zero ports and clause 45 PHYs (bsc#1122927).\n\n - arm: 8802/1: Call syscall_trace_exit even when system call skipped (bsc#1051510).\n\n - arm: 8814/1: mm: improve/fix ARM v7_dma_inv_range() unaligned address handling (bsc#1051510).\n\n - arm: 8815/1: V7M: align v7m_dma_inv_range() with v7 counterpart (bsc#1051510).\n\n - arm/arm64: kvm:vgic: Force VM halt when changing the active state of GICv3 PPIs/SGIs (bsc#1051510).\n\n - arm: cns3xxx: Fix writing to wrong PCI config registers after alignment (bsc#1051510).\n\n - arm: cns3xxx: Use actual size reads for PCIe (bsc#1051510).\n\n - arm: imx: update the cpu power up timing setting on i.mx6sx (bsc#1051510).\n\n - arm: kvm:Fix VTTBR_BADDR_MASK BUG_ON off-by-one (bsc#1051510).\n\n - arm: mmp/mmp2: fix cpu_is_mmp2() on mmp2-dt (bsc#1051510).\n\n - arm: OMAP1: ams-delta: Fix possible use of uninitialized field (bsc#1051510).\n\n - arm: OMAP2+: prm44xx: Fix section annotation on omap44xx_prm_enable_io_wakeup (bsc#1051510).\n\n - ASoC: dma-sh7760: cleanup a debug printk (bsc#1051510).\n\n - ASoC: rt5514-spi: Fix potential NULL pointer dereference (bsc#1051510).\n\n - ax25: fix a use-after-free in ax25_fillin_cb() (networking-stable-19_01_04).\n\n - be2net: do not flip hw_features when VXLANs are added/deleted (bsc#1050252).\n\n - blkdev: avoid migration stalls for blkdev pages (bsc#1084216).\n\n - blk-mq: fix kernel oops in blk_mq_tag_idle() (bsc#1051510).\n\n - block: break discard submissions into the user defined size (git-fixes).\n\n - block: cleanup __blkdev_issue_discard() (git-fixes).\n\n - block: do not deal with discard limit in blkdev_issue_discard() (git-fixes).\n\n - block: fix 32 bit overflow in __blkdev_issue_discard() (git-fixes).\n\n - block: fix infinite loop if the device loses discard capability (git-fixes).\n\n - block: make sure discard bio is aligned with logical block size (git-fixes).\n\n - block: make sure writesame bio is aligned with logical block size (git-fixes).\n\n - block/swim3: Fix -EBUSY error when re-opening device after unmount (git-fixes).\n\n - bnx2x: Assign unique DMAE channel number for FW DMAE transactions (bsc#1086323).\n\n - bnx2x: Clear fip MAC when fcoe offload support is disabled (bsc#1086323).\n\n - bnx2x: Fix NULL pointer dereference in bnx2x_del_all_vlans() on some hw (bsc#1086323).\n\n - bnx2x: Remove configured vlans as part of unload sequence (bsc#1086323).\n\n - bnx2x: Send update-svid ramrod with retry/poll flags enabled (bsc#1086323).\n\n - bonding: update nest level on unlink (git-fixes).\n\n - bsg: allocate sense buffer if requested (bsc#1106811).\n\n - btrfs: qgroup: Fix root item corruption when multiple same source snapshots are created with quota enabled (bsc#1122324).\n\n - can: bcm: check timer values before ktime conversion (bsc#1051510).\n\n - can: dev: __can_get_echo_skb(): fix bogous check for non-existing skb by removing it (bsc#1051510).\n\n - can: gw: ensure DLC boundaries after CAN frame modification (bsc#1051510).\n\n - cdc-acm: fix abnormal DATA RX issue for Mediatek Preloader (bsc#1051510).\n\n - char/mwave: fix potential Spectre v1 vulnerability (bsc#1051510).\n\n - checkstack.pl: fix for aarch64 (bsc#1051510).\n\n - cifs: add missing debug entries for kconfig options (bsc#1051510).\n\n - cifs: add missing support for ACLs in SMB 3.11 (bsc#1051510).\n\n - cifs: add sha512 secmech (bsc#1051510).\n\n - cifs: Add support for reading attributes on SMB2+ (bsc#1051510).\n\n - cifs: Add support for writing attributes on SMB2+ (bsc#1051510).\n\n - cifs: do not log STATUS_NOT_FOUND errors for DFS (bsc#1051510).\n\n - cifs: Do not modify mid entry after submitting I/O in cifs_call_async (bsc#1051510).\n\n - cifs: Fix error mapping for SMB2_LOCK command which caused OFD lock problem (bsc#1051510).\n\n - cifs: Fix memory leak in smb2_set_ea() (bsc#1051510).\n\n - cifs: fix return value for cifs_listxattr (bsc#1051510).\n\n - cifs: Fix separator when building path from dentry (bsc#1051510).\n\n - cifs: fix set info (bsc#1051510).\n\n - cifs: fix sha512 check in cifs_crypto_secmech_release (bsc#1051510).\n\n - cifs: fix wrapping bugs in num_entries() (bsc#1051510).\n\n - cifs: For SMB2 security informaion query, check for minimum sized security descriptor instead of sizeof FileAllInformation class (bsc#1051510).\n\n - cifs: hide unused functions (bsc#1051510).\n\n - cifs: hide unused functions (bsc#1051510).\n\n - cifs: implement v3.11 preauth integrity (bsc#1051510).\n\n - cifs: make 'nodfs' mount opt a superblock flag (bsc#1051510).\n\n - cifs: prevent integer overflow in nxt_dir_entry() (bsc#1051510).\n\n - cifs: prototype declaration and definition for smb 2 - 3 and cifsacl mount options (bsc#1051510).\n\n - cifs: prototype declaration and definition to set acl for smb 2 - 3 and cifsacl mount options (bsc#1051510).\n\n - cifs: refactor crypto shash/sdesc allocation&free (bsc#1051510).\n\n - cifs: smb2ops: Fix listxattr() when there are no EAs (bsc#1051510).\n\n - cifs: Use smb 2 - 3 and cifsacl mount options getacl functions (bsc#1051510).\n\n - cifs: Use smb 2 - 3 and cifsacl mount options setacl function (bsc#1051510).\n\n - cifs: Use ULL suffix for 64-bit constant (bsc#1051510).\n\n - clk: imx6q: reset exclusive gates on init (bsc#1051510).\n\n - clk: rockchip: fix typo in rk3188 spdif_frac parent (bsc#1051510).\n\n - clk: sunxi-ng: enable so-said LDOs for A64 SoC's pll-mipi clock (bsc#1051510).\n\n - clk: sunxi-ng: h3/h5: Fix CSI_MCLK parent (bsc#1051510).\n\n - cpufreq: imx6q: add return value check for voltage scale (bsc#1051510).\n\n - Cramfs: fix abad comparison when wrap-arounds occur (bsc#1051510).\n\n - crypto: authencesn - Avoid twice completion call in decrypt path (bsc#1051510).\n\n - crypto: authenc - fix parsing key with misaligned rta_len (bsc#1051510).\n\n - crypto: bcm - convert to use crypto_authenc_extractkeys() (bsc#1051510).\n\n - crypto: caam - fix zero-length buffer DMA mapping (bsc#1051510).\n\n - crypto: user - support incremental algorithm dumps (bsc#1120902).\n\n - dlm: fixed memory leaks after failed ls_remove_names allocation (bsc#1051510).\n\n - dlm: lost put_lkb on error path in receive_convert() and receive_unlock() (bsc#1051510).\n\n - dlm: memory leaks on error path in dlm_user_request() (bsc#1051510).\n\n - dlm: possible memory leak on error path in create_lkb() (bsc#1051510).\n\n - dmaengine: at_hdmac: fix memory leak in at_dma_xlate() (bsc#1051510).\n\n - dmaengine: at_hdmac: fix module unloading (bsc#1051510).\n\n - dmaengine: dma-jz4780: Return error if not probed from DT (bsc#1051510).\n\n - dmaengine: dw: Fix FIFO size for Intel Merrifield (bsc#1051510).\n\n - dmaengine: xilinx_dma: Remove __aligned attribute on zynqmp_dma_desc_ll (bsc#1051510).\n\n - dm cache metadata: verify cache has blocks in blocks_are_clean_separate_dirty() (git-fixes).\n\n - dm: call blk_queue_split() to impose device limits on bios (git-fixes).\n\n - dm: do not allow readahead to limit IO size (git-fixes).\n\n - dm thin: send event about thin-pool state change _after_ making it (git-fixes).\n\n - dm zoned: Fix target BIO completion handling (git-fixes).\n\n - Do not log expected error on DFS referral request (bsc#1051510).\n\n - driver core: Move async_synchronize_full call (bsc#1051510).\n\n - drivers: core: Remove glue dirs from sysfs earlier (bsc#1051510).\n\n - drivers/misc/sgi-gru: fix Spectre v1 vulnerability (bsc#1051510).\n\n - drivers/net/ethernet/qlogic/qed/qed_rdma.h: fix typo (bsc#1086314 bsc#1086313 bsc#1086301 ).\n\n - drivers/sbus/char: add of_node_put() (bsc#1051510).\n\n - drivers/tty: add missing of_node_put() (bsc#1051510).\n\n - drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1113722)\n\n - drm/fb-helper: Partially bring back workaround for bugs of SDL 1.2 (bsc#1113722)\n\n - drm/i915/gvt: Fix mmap range check (bsc#1120902)\n\n - drm/nouveau/tmr: detect stalled gpu timer and break out of waits (bsc#1123538).\n\n - drm/vmwgfx: Fix setting of dma masks (bsc#1120902)\n\n - drm/vmwgfx: Return error code from vmw_execbuf_copy_fence_user (bsc#1120902)\n\n - e1000e: allow non-monotonic SYSTIM readings (bsc#1051510).\n\n - exportfs: do not read dentry after free (bsc#1051510).\n\n - ext4: Fix crash during online resizing (bsc#1122779).\n\n - fanotify: fix handling of events on child sub-directory (bsc#1122019).\n\n - fat: validate ->i_start before using (bsc#1051510).\n\n - fix smb3-encryption breakage when CONFIG_DEBUG_SG=y (bsc#1051510).\n\n - fork: do not copy inconsistent signal handler state to child (bsc#1051510).\n\n - fork: record start_time late (git-fixes).\n\n - fork: unconditionally clear stack on fork (git-fixes).\n\n - fs/cifs: require sha512 (bsc#1051510).\n\n - gpio: altera-a10sr: Set proper output level for direction_output (bsc#1051510).\n\n - gpio: pcf857x: Fix interrupts on multiple instances (bsc#1051510).\n\n - gpio: pl061: handle failed allocations (bsc#1051510).\n\n - gpio: pl061: Move irq_chip definition inside struct pl061 (bsc#1051510).\n\n - gpio: vf610: Mask all GPIO interrupts (bsc#1051510).\n\n - gro_cell: add napi_disable in gro_cells_destroy (networking-stable-19_01_04).\n\n - hfs: do not free node before using (bsc#1051510).\n\n - hfsplus: do not free node before using (bsc#1051510).\n\n - hfsplus: prevent btree data loss on root split (bsc#1051510).\n\n - hfs: prevent btree data loss on root split (bsc#1051510).\n\n - i2c: dev: prevent adapter retries and timeout being set as minus value (bsc#1051510).\n\n - i40e: fix mac filter delete when setting mac address (bsc#1056658 bsc#1056662).\n\n - i40e: report correct statistics when XDP is enabled (bsc#1056658 bsc#1056662).\n\n - i40e: restore NETIF_F_GSO_IPXIP to netdev features (bsc#1056658 bsc#1056662).\n\n - ibmveth: Do not process frames after calling napi_reschedule (bcs#1123357).\n\n - ibmveth: fix DMA unmap error in ibmveth_xmit_start error path (networking-stable-19_01_04).\n\n - ibmvnic: Add ethtool private flag for driver-defined queue limits (bsc#1121726).\n\n - ibmvnic: Increase maximum queue size limit (bsc#1121726).\n\n - ibmvnic: Introduce driver limits for ring sizes (bsc#1121726).\n\n - ide: pmac: add of_node_put() (bsc#1051510).\n\n - ieee802154: lowpan_header_create check must check daddr (networking-stable-19_01_04).\n\n - input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G (bsc#1051510).\n\n - input: omap-keypad - fix idle configuration to not block SoC idle states (bsc#1051510).\n\n - input: raspberrypi-ts - fix link error (git-fixes).\n\n - input: restore EV_ABS ABS_RESERVED (bsc#1051510).\n\n - input: synaptics - enable RMI on ThinkPad T560 (bsc#1051510).\n\n - input: synaptics - enable SMBus for HP EliteBook 840 G4 (bsc#1051510).\n\n - input: xpad - add support for SteelSeries Stratus Duo (bsc#1111666).\n\n - iommu/amd: Call free_iova_fast with pfn in map_sg (bsc#1106105).\n\n - iommu/amd: Fix IOMMU page flush when detach device from a domain (bsc#1106105).\n\n - iommu/amd: Unmap all mapped pages in error path of map_sg (bsc#1106105).\n\n - iommu/vt-d: Fix memory leak in intel_iommu_put_resv_regions() (bsc#1106105).\n\n - ip6mr: Fix potential Spectre v1 vulnerability (networking-stable-19_01_04).\n\n - ipmi:pci: Blacklist a Realtek 'IPMI' device (git-fixes).\n\n - ipmi:ssif: Fix handling of multi-part return messages (bsc#1051510).\n\n - ip: on queued skb use skb_header_pointer instead of pskb_may_pull (git-fixes).\n\n - ipv4: Fix potential Spectre v1 vulnerability (networking-stable-19_01_04).\n\n - ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes (networking-stable-18_12_12).\n\n - ipv6: Check available headroom in ip6_xmit() even without options (networking-stable-18_12_12).\n\n - ipv6: explicitly initialize udp6_addr in udp_sock_create6() (networking-stable-19_01_04).\n\n - ipv6: sr: properly initialize flowi6 prior passing to ip6_route_output (networking-stable-18_12_12).\n\n - ipv6: tunnels: fix two use-after-free (networking-stable-19_01_04).\n\n - ip: validate header length on virtual device xmit (networking-stable-19_01_04).\n\n - iscsi target: fix session creation failure handling (bsc#1051510).\n\n - isdn: fix kernel-infoleak in capi_unlocked_ioctl (bsc#1051510).\n\n - iwlwifi: fix non_shared_ant for 22000 devices (bsc#1119086).\n\n - iwlwifi: fix wrong WGDS_WIFI_DATA_SIZE (bsc#1119086).\n\n - iwlwifi: mvm: do not send GEO_TX_POWER_LIMIT to old firmwares (bsc#1119086).\n\n - jffs2: Fix use of uninitialized delayed_work, lockdep breakage (bsc#1051510).\n\n - kABI: fix xhci kABI stability (bsc#1119086).\n\n - kABI: protect struct sctp_association (kabi).\n\n - kABI workaround for deleted snd_hda_register_beep_device() (bsc#1122944).\n\n - kABI workaround for snd_hda_bus.bus_probing addition (bsc#1122944).\n\n - kdb: use memmove instead of overlapping memcpy (bsc#1120954).\n\n - kernel/exit.c: release ptraced tasks before zap_pid_ns_processes (git-fixes).\n\n - kvm: arm/arm64: Properly protect VGIC locks from IRQs (bsc#1117155).\n\n - kvm: arm/arm64: VGIC/ITS: Promote irq_lock() in update_affinity (bsc#1117155).\n\n - kvm: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock (bsc#1117155).\n\n - kvm: arm/arm64: VGIC/ITS save/restore: protect kvm_read_guest() calls (bsc#1117155).\n\n - kvm: PPC: Book3S PR: Set hflag to indicate that POWER9 supports 1T segments (bsc#1124589).\n\n - kvm: sev: Fail KVM_SEV_INIT if already initialized (bsc#1114279).\n\n - kvm: x86: fix L1TF's MMIO GFN calculation (bsc#1124204).\n\n - lan78xx: Resolve issue with changing MAC address (bsc#1051510).\n\n - libertas_tf: prevent underflow in process_cmdrequest() (bsc#1119086).\n\n - lib/rbtree-test: lower default params (git-fixes).\n\n - lockd: fix access beyond unterminated strings in prints (git-fixes).\n\n - LSM: Check for NULL cred-security on free (bsc#1051510).\n\n - md: fix raid10 hang issue caused by barrier (git-fixes).\n\n - media: firewire: Fix app_info parameter type in avc_ca(,_app)_info (bsc#1051510).\n\n - media: usb: pwc: Do not use coherent DMA buffers for ISO transfer (bsc#1054610).\n\n - media: v4l2-tpg: array index could become negative (bsc#1051510).\n\n - media: v4l: ioctl: Validate num_planes for debug messages (bsc#1051510).\n\n - media: vb2: be sure to unlock mutex on errors (bsc#1051510).\n\n - media: vb2: vb2_mmap: move lock up (bsc#1051510).\n\n - media: vivid: fix error handling of kthread_run (bsc#1051510).\n\n - media: vivid: free bitmap_cap when updating std/timings/etc (bsc#1051510).\n\n - media: vivid: set min width/height to a value > 0 (bsc#1051510).\n\n - mfd: ab8500-core: Return zero in get_register_interruptible() (bsc#1051510).\n\n - mfd: tps6586x: Handle interrupts on suspend (bsc#1051510).\n\n - misc: atmel-ssc: Fix section annotation on atmel_ssc_get_driver_data (bsc#1051510).\n\n - misc: hmc6352: fix potential Spectre v1 (bsc#1051510).\n\n - misc: mic/scif: fix copy-paste error in scif_create_remote_lookup (bsc#1051510).\n\n - misc: mic: SCIF Fix scif_get_new_port() error handling (bsc#1051510).\n\n - misc: sram: enable clock before registering regions (bsc#1051510).\n\n - misc: sram: fix resource leaks in probe error path (bsc#1051510).\n\n - misc: ti-st: Fix memory leak in the error path of probe() (bsc#1051510).\n\n - misc: vexpress: Off by one in vexpress_syscfg_exec() (bsc#1051510).\n\n - mmc: atmel-mci: do not assume idle after atmci_request_end (bsc#1051510).\n\n - mmc: bcm2835: Fix DMA channel leak on probe error (bsc#1051510).\n\n - mmc: dw_mmc-bluefield: : Fix the license information (bsc#1051510).\n\n - mmc: sdhci-iproc: handle mmc_of_parse() errors during probe (bsc#1051510).\n\n - mm/huge_memory: fix lockdep complaint on 32-bit i_size_read() (VM Functionality, bsc#1121599).\n\n - mm/huge_memory: rename freeze_page() to unmap_page() (VM Functionality, bsc#1121599).\n\n - mm/huge_memory: splitting set mapping+index before unfreeze (VM Functionality, bsc#1121599).\n\n - mm/khugepaged: collapse_shmem() do not crash on Compound (VM Functionality, bsc#1121599).\n\n - mm/khugepaged: collapse_shmem() remember to clear holes (VM Functionality, bsc#1121599).\n\n - mm/khugepaged: collapse_shmem() stop if punched or truncated (VM Functionality, bsc#1121599).\n\n - mm/khugepaged: collapse_shmem() without freezing new_page (VM Functionality, bsc#1121599).\n\n - mm/khugepaged: fix crashes due to misaccounted holes (VM Functionality, bsc#1121599).\n\n - mm/khugepaged: minor reorderings in collapse_shmem() (VM Functionality, bsc#1121599).\n\n - mm: migrate: lock buffers before migrate_page_move_mapping() (bsc#1084216).\n\n - mm: migrate: Make buffer_migrate_page_norefs() actually succeed (bsc#1084216)\n\n - mm: migrate: provide buffer_migrate_page_norefs() (bsc#1084216).\n\n - mm: migration: factor out code to compute expected number of page references (bsc#1084216).\n\n - Move the upstreamed HD-audio fix into sorted section\n\n - mpt3sas: check sense buffer before copying sense data (bsc#1106811).\n\n - neighbour: Avoid writing before skb->head in neigh_hh_output() (networking-stable-18_12_12).\n\n - net: 8139cp: fix a BUG triggered by changing mtu with network traffic (networking-stable-18_12_12).\n\n - net: core: Fix Spectre v1 vulnerability (networking-stable-19_01_04).\n\n - net/hamradio/6pack: use mod_timer() to rearm timers (networking-stable-19_01_04).\n\n - net: hns3: add error handler for hns3_nic_init_vector_data() (bsc#1104353).\n\n - net: hns3: add handling for big TX fragment (bsc#1104353 ).\n\n - net: hns3: Fix client initialize state issue when roce client initialize failed (bsc#1104353).\n\n - net: hns3: Fix for loopback selftest failed problem (bsc#1104353 ).\n\n - net: hns3: fix for multiple unmapping DMA problem (bsc#1104353 ).\n\n - net: hns3: Fix tc setup when netdev is first up (bsc#1104353 ).\n\n - net: hns3: Fix tqp array traversal condition for vf (bsc#1104353 ).\n\n - net: hns3: move DMA map into hns3_fill_desc (bsc#1104353 ).\n\n - net: hns3: remove hns3_fill_desc_tso (bsc#1104353).\n\n - net: hns3: rename hns_nic_dma_unmap (bsc#1104353).\n\n - net: hns3: rename the interface for init_client_instance and uninit_client_instance (bsc#1104353).\n\n - net: macb: restart tx after tx used bit read (networking-stable-19_01_04).\n\n - net/mlx4_en: Change min MTU size to ETH_MIN_MTU (networking-stable-18_12_12).\n\n - net/mlx5e: Remove the false indication of software timestamping support (networking-stable-19_01_04).\n\n - net/mlx5: Typo fix in del_sw_hw_rule (networking-stable-19_01_04).\n\n - net: phy: do not allow __set_phy_supported to add unsupported modes (networking-stable-18_12_12).\n\n - net: phy: Fix the issue that netif always links up after resuming (networking-stable-19_01_04).\n\n - netrom: fix locking in nr_find_socket() (networking-stable-19_01_04).\n\n - net: skb_scrub_packet(): Scrub offload_fwd_mark (networking-stable-18_12_03).\n\n - net/smc: fix TCP fallback socket release (networking-stable-19_01_04).\n\n - net: stmmac: Fix PCI module removal leak (git-fixes).\n\n - net: thunderx: set tso_hdrs pointer to NULL in nicvf_free_snd_queue (networking-stable-18_12_03).\n\n - net: thunderx: set xdp_prog to NULL if bpf_prog_add fails (networking-stable-18_12_03).\n\n - net/wan: fix a double free in x25_asy_open_tty() (networking-stable-19_01_04).\n\n - nfsd: COPY and CLONE operations require the saved filehandle to be set (git-fixes).\n\n - nfsd: Fix an Oops in free_session() (git-fixes).\n\n - nfs: Fix a missed page unlock after pg_doio() (git-fixes).\n\n - NFS: Fix up return value on fatal errors in nfs_page_async_flush() (git-fixes).\n\n - NFSv4.1: Fix the r/wsize checking (git-fixes).\n\n - NFSv4: Do not exit the state manager without clearing NFS4CLNT_MANAGER_RUNNING (git-fixes).\n\n - nvme-multipath: round-robin I/O policy (bsc#1110705).\n\n - omap2fb: Fix stack memory disclosure (bsc#1120902)\n\n - packet: Do not leak dev refcounts on error exit (git-fixes).\n\n - packet: validate address length if non-zero (networking-stable-19_01_04).\n\n - packet: validate address length (networking-stable-19_01_04).\n\n - PCI: Disable broken RTIT_BAR of Intel TH (bsc#1120318).\n\n - phonet: af_phonet: Fix Spectre v1 vulnerability (networking-stable-19_01_04).\n\n - platform/x86: asus-nb-wmi: Drop mapping of 0x33 and 0x34 scan codes (bsc#1051510).\n\n - platform/x86: asus-nb-wmi: Map 0x35 to KEY_SCREENLOCK (bsc#1051510).\n\n - platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey (bsc#1051510).\n\n - powerpc: Always save/restore checkpointed regs during treclaim/trecheckpoint (bsc#1118338).\n\n - powerpc/cacheinfo: Report the correct shared_cpu_map on big-cores (bsc#1109695).\n\n - powerpc: Detect the presence of big-cores via 'ibm, thread-groups' (bsc#1109695).\n\n - powerpc: make use of for_each_node_by_type() instead of open-coding it (bsc#1109695).\n\n - powerpc/powernv: Clear LPCR[PECE1] via stop-api only for deep state offline (bsc#1119766, bsc#1055121).\n\n - powerpc/powernv: Clear PECE1 in LPCR via stop-api only on Hotplug (bsc#1119766, bsc#1055121).\n\n - powerpc: Remove facility loadups on transactional (fp, vec, vsx) unavailable (bsc#1118338).\n\n - powerpc: Remove redundant FP/Altivec giveup code (bsc#1118338).\n\n - powerpc/setup: Add cpu_to_phys_id array (bsc#1109695).\n\n - powerpc/smp: Add cpu_l2_cache_map (bsc#1109695).\n\n - powerpc/smp: Add Power9 scheduler topology (bsc#1109695).\n\n - powerpc/smp: Rework CPU topology construction (bsc#1109695).\n\n - powerpc/smp: Use cpu_to_chip_id() to find core siblings (bsc#1109695).\n\n - powerpc/tm: Avoid machine crash on rt_sigreturn (bsc#1118338).\n\n - powerpc/tm: Do not check for WARN in TM Bad Thing handling (bsc#1118338).\n\n - powerpc/tm: Fix comment (bsc#1118338).\n\n - powerpc/tm: Fix endianness flip on trap (bsc#1118338).\n\n - powerpc/tm: Fix HFSCR bit for no suspend case (bsc#1118338).\n\n - powerpc/tm: Fix HTM documentation (bsc#1118338).\n\n - powerpc/tm: Limit TM code inside PPC_TRANSACTIONAL_MEM (bsc#1118338).\n\n - powerpc/tm: P9 disable transactionally suspended sigcontexts (bsc#1118338).\n\n - powerpc/tm: Print 64-bits MSR (bsc#1118338).\n\n - powerpc/tm: Print scratch value (bsc#1118338).\n\n - powerpc/tm: Reformat comments (bsc#1118338).\n\n - powerpc/tm: Remove msr_tm_active() (bsc#1118338).\n\n - powerpc/tm: Remove struct thread_info param from tm_reclaim_thread() (bsc#1118338).\n\n - powerpc/tm: Save MSR to PACA before RFID (bsc#1118338).\n\n - powerpc/tm: Set MSR[TS] just prior to recheckpoint (bsc#1118338, bsc#1120955).\n\n - powerpc/tm: Unset MSR[TS] if not recheckpointing (bsc#1118338).\n\n - powerpc/tm: Update function prototype comment (bsc#1118338).\n\n - powerpc: Use cpu_smallcore_sibling_mask at SMT level on bigcores (bsc#1109695).\n\n - powerpc/xmon: Fix invocation inside lock region (bsc#1122885).\n\n - pstore/ram: Avoid allocation and leak of platform data (bsc#1051510).\n\n - pstore/ram: Avoid NULL deref in ftrace merging failure path (bsc#1051510).\n\n - pstore/ram: Correctly calculate usable PRZ bytes (bsc#1051510).\n\n - pstore/ram: Do not treat empty buffers as valid (bsc#1051510).\n\n - ptp_kvm: probe for kvm guest availability (bsc#1098382).\n\n - ptr_ring: wrap back ->producer in\n __ptr_ring_swap_queue() (networking-stable-19_01_04).\n\n - qed: Avoid constant logical operation warning in qed_vf_pf_acquire (bsc#1086314 bsc#1086313 bsc#1086301).\n\n - qed: Avoid implicit enum conversion in qed_iwarp_parse_rx_pkt (bsc#1086314 bsc#1086313 bsc#1086301 ).\n\n - qed: Avoid implicit enum conversion in qed_roce_mode_to_flavor (bsc#1086314 bsc#1086313 bsc#1086301 ).\n\n - qed: Avoid implicit enum conversion in qed_set_tunn_cls_info (bsc#1086314 bsc#1086313 bsc#1086301 ).\n\n - qed: Fix an error code qed_ll2_start_xmit() (bsc#1086314 bsc#1086313 bsc#1086301).\n\n - qed: Fix bitmap_weight() check (bsc#1086314 bsc#1086313 bsc#1086301).\n\n - qed: Fix blocking/unlimited SPQ entries leak (bsc#1086314 bsc#1086313 bsc#1086301).\n\n - qed: Fix command number mismatch between driver and the mfw (bsc#1086314 bsc#1086313 bsc#1086301 ).\n\n - qed: Fix mask parameter in qed_vf_prep_tunn_req_tlv (bsc#1086314 bsc#1086313 bsc#1086301).\n\n - qed: Fix memory/entry leak in qed_init_sp_request() (bsc#1086314 bsc#1086313 bsc#1086301).\n\n - qed: Fix potential memory corruption (bsc#1086314 bsc#1086313 bsc#1086301).\n\n - qed: Fix PTT leak in qed_drain() (bsc#1086314 bsc#1086313 bsc#1086301).\n\n - qed: Fix QM getters to always return a valid pq (bsc#1086314 bsc#1086313 bsc#1086301).\n\n - qed: Fix rdma_info structure allocation (bsc#1086314 bsc#1086313 bsc#1086301).\n\n - qed: Fix reading wrong value in loop condition (bsc#1086314 bsc#1086313 bsc#1086301).\n\n - qla2xxx: Fixup dual-protocol FCP connections (bsc#1108870).\n\n - qmi_wwan: Added support for Fibocom NL668 series (networking-stable-19_01_04).\n\n - qmi_wwan: Added support for Telit LN940 series (networking-stable-19_01_04).\n\n - qmi_wwan: Add support for Fibocom NL678 series (networking-stable-19_01_04).\n\n - rapidio/rionet: do not free skb before reading its length (networking-stable-18_12_03).\n\n - RDMA/core: Fix unwinding flow in case of error to register device (bsc#1046306).\n\n - Revert 'serial: 8250: Fix clearing FIFOs in RS485 mode again' (bsc#1051510).\n\n - rpm/release-projects: Add SUSE:Maintenance:* for MU kernels (bsc#1123317)\n\n - rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices (networking-stable-18_12_12).\n\n - s390/zcrypt: fix specification exception on z196 during ap probe (LTC#174936, bsc#1123061).\n\n - sbus: char: add of_node_put() (bsc#1051510).\n\n - sched/wait: Fix rcuwait_wake_up() ordering (git-fixes).\n\n - scripts/git_sort/git_sort.py: Add mkp/scsi 5.0/scsi-fixes\n\n - scripts/git_sort/git_sort.py: Add s390/linux.git fixes.\n\n - scsi: qedi: Add ep_state for login completion on un-reachable targets (bsc#1113712).\n\n - scsi: qla2xxx: Timeouts occur on surprise removal of QLogic adapter (bsc#1124985).\n\n - scsi: target: make the pi_prot_format ConfigFS path readable (bsc#1123933).\n\n - sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event (networking-stable-19_01_04).\n\n - sctp: kfree_rcu asoc (networking-stable-18_12_12).\n\n - selftests/powerpc: Use snprintf to construct DSCR sysfs interface paths (bsc#1124579).\n\n - selinux: Add __GFP_NOWARN to allocation at str_read() (bsc#1051510).\n\n - selinux: fix GPF on invalid policy (bsc#1051510).\n\n - serial: imx: fix error handling in console_setup (bsc#1051510).\n\n - serial: set suppress_bind_attrs flag only if builtin (bsc#1051510).\n\n - serial/sunsu: fix refcount leak (bsc#1051510).\n\n - serial: uartps: Fix interrupt mask issue to handle the RX interrupts properly (bsc#1051510).\n\n - shmem: introduce shmem_inode_acct_block (VM Functionality, bsc#1121599).\n\n - shmem: shmem_charge: verify max_block is not exceeded before inode update (VM Functionality, bsc#1121599).\n\n - signal: Always deliver the kernel's SIGKILL and SIGSTOP to a pid namespace init (git-fixes).\n\n - slab: alien caches must not be initialized if the allocation of the alien cache failed (git fixes (mm/slab)).\n\n - smb3.1.1 dialect is no longer experimental (bsc#1051510).\n\n - smb311: Fix reconnect (bsc#1051510).\n\n - smb3: Add support for multidialect negotiate (SMB2.1 and later) (bsc#1051510).\n\n - smb3: allow stats which track session and share reconnects to be reset (bsc#1051510).\n\n - smb3: Backup intent flag missing for directory opens with backupuid mounts (bsc#1051510).\n\n - smb3: check for and properly advertise directory lease support (bsc#1051510).\n\n - smb3: directory sync should not return an error (bsc#1051510).\n\n - smb3: do not attempt cifs operation in smb3 query info error path (bsc#1051510).\n\n - smb3: do not request leases in symlink creation and query (bsc#1051510).\n\n - smb3: Do not send SMB3 SET_INFO if nothing changed (bsc#1051510).\n\n - smb3: enumerating snapshots was leaving part of the data off end (bsc#1051510).\n\n - smb3: Fix length checking of SMB3.11 negotiate request (bsc#1051510).\n\n - smb3: Fix root directory when server returns inode number of zero (bsc#1051510).\n\n - smb3: fix various xid leaks (bsc#1051510).\n\n - smb3: Improve security, move default dialect to SMB3 from old CIFS (bsc#1051510).\n\n - smb3: on kerberos mount if server does not specify auth type use krb5 (bsc#1051510).\n\n - smb3: Remove ifdef since SMB3 (and later) now STRONGLY preferred (bsc#1051510).\n\n - smb3: simplify code by removing CONFIG_CIFS_SMB311 (bsc#1051510).\n\n - staging: rtl8188eu: Add device code for D-Link DWA-121 rev B1 (bsc#1051510).\n\n - sunrpc: correct the computation for page_ptr when truncating (git-fixes).\n\n - sunrpc: Fix a potential race in xprt_connect() (git-fixes).\n\n - sunrpc: Fix leak of krb5p encode pages (git-fixes).\n\n - sunrpc: handle ENOMEM in rpcb_getport_async (git-fixes).\n\n - sunrpc: safely reallow resvport min/max inversion (git-fixes).\n\n - tcp: Do not underestimate rwnd_limited (networking-stable-18_12_12).\n\n - tcp: fix a race in inet_diag_dump_icsk() (networking-stable-19_01_04).\n\n - tcp: fix NULL ref in tail loss probe (networking-stable-18_12_12).\n\n - tcp: lack of available data can also cause TSO defer (git-fixes).\n\n - thermal: int340x_thermal: Fix a NULL vs IS_ERR() check (bsc#1051510).\n\n - tipc: compare remote and local protocols in tipc_udp_enable() (networking-stable-19_01_04).\n\n - tipc: fix a double kfree_skb() (networking-stable-19_01_04).\n\n - tipc: use lock_sock() in tipc_sk_reinit() (networking-stable-19_01_04).\n\n - tools/lib/lockdep: Rename 'trywlock' into 'trywrlock' (bsc#1121973).\n\n - tty: Do not hold ldisc lock in tty_reopen() if ldisc present (bsc#1051510).\n\n - tty: Handle problem if line discipline does not have receive_buf (bsc#1051510).\n\n - tty/n_hdlc: fix __might_sleep warning (bsc#1051510).\n\n - tty/serial: do not free trasnmit buffer page under port lock (bsc#1051510).\n\n - tun: forbid iface creation with rtnl ops (networking-stable-18_12_12).\n\n - uart: Fix crash in uart_write and uart_put_char (bsc#1051510).\n\n - usb: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB (bsc#1120902).\n\n - usb: cdc-acm: send ZLP for Telit 3G Intel based modems (bsc#1120902).\n\n - usb: dwc3: gadget: Clear req->needs_extra_trb flag on cleanup (bsc#1120902).\n\n - usb: dwc3: trace: add missing break statement to make compiler happy (bsc#1120902).\n\n - usbnet: ipheth: fix potential recvmsg bug and recvmsg bug 2 (networking-stable-18_12_03).\n\n - usb: serial: option: add Fibocom NL678 series (bsc#1120902).\n\n - usb: serial: pl2303: add ids for Hewlett-Packard HP POS pole displays (bsc#1120902).\n\n - usb: storage: add quirk for SMI SM3350 (bsc#1120902).\n\n - usb: storage: do not insert sane sense for SPC3+ when bad sense specified (bsc#1120902).\n\n - usb: xhci: fix 'broken_suspend' placement in struct xchi_hcd (bsc#1119086).\n\n - vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).\n\n - vhost: make sure used idx is seen before log in vhost_add_used_n() (networking-stable-19_01_04).\n\n - virtio-net: fail XDP set if guest csum is negotiated (networking-stable-18_12_03).\n\n - virtio-net: keep vnet header zeroed after processing XDP (networking-stable-18_12_12).\n\n - vsock: Send reset control packet when socket is partially bound (networking-stable-19_01_04).\n\n - vt: invoke notifier on screen size change (bsc#1051510).\n\n - watchdog: w83627hf_wdt: Add quirk for Inves system (bsc#1106434).\n\n - writeback: do not decrement wb->refcnt if !wb->bdi (git fixes (writeback)).\n\n - x86/bugs: Add AMD's variant of SSB_NO (bsc#1114279).\n\n - x86/bugs: Update when to check for the LS_CFG SSBD mitigation (bsc#1114279).\n\n - x86/kvmclock: set pvti_cpu0_va after enabling kvmclock (bsc#1098382).\n\n - x86/MCE: Initialize mce.bank in the case of a fatal error in mce_no_way_out() (bsc#1114279).\n\n - x86/microcode/amd: Do not falsely trick the late loading mechanism (bsc#1114279).\n\n - x86/mm: Drop usage of __flush_tlb_all() in kernel_physical_mapping_init() (bsc#1114279).\n\n - x86, modpost: Replace last remnants of RETPOLINE with CONFIG_RETPOLINE (bsc#1114279).\n\n - x86/pvclock: add setter for pvclock_pvti_cpu0_va (bsc#1098382).\n\n - x86/resctrl: Fix rdt_find_domain() return value and checks (bsc#1114279).\n\n - x86/speculation: Add RETPOLINE_AMD support to the inline asm CALL_NOSPEC variant (bsc#1114279).\n\n - x86/speculation: Remove redundant arch_smt_update() invocation (bsc#1114279).\n\n - x86/xen/time: Output xen sched_clock time from 0 (bsc#1098382).\n\n - x86/xen/time: set pvclock flags on xen_time_init() (bsc#1098382).\n\n - x86/xen/time: setup vcpu 0 time info page (bsc#1098382).\n\n - xen: Fix x86 sched_clock() interface for xen (bsc#1098382).\n\n - xhci: Add quirk to zero 64bit registers on Renesas PCIe controllers (bsc#1120854).\n\n - xhci: workaround CSS timeout on AMD SNPS 3.0 xHC (bsc#1119086).\n\n - xprtrdma: Reset credit grant properly after a disconnect (git-fixes).", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-02-19T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2019-203)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20669", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-kvmsmall", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-base", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel", "p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-203.NASL", "href": "https://www.tenable.com/plugins/nessus/122303", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-203.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122303);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-20669\", \"CVE-2019-3459\", \"CVE-2019-3460\", \"CVE-2019-6974\", \"CVE-2019-7221\", \"CVE-2019-7222\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2019-203)\");\n script_summary(english:\"Check for the openSUSE-2019-203 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE Leap 15.0 kernel was updated to receive various security\nand bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2019-3459,CVE-2019-3460: Two information leaks in\n the bluetooth stack were fixed. (bnc#1120758).\n\n - CVE-2019-7221: A use-after-free in the KVM nVMX hrtimer\n was fixed. (bnc#1124732).\n\n - CVE-2019-7222: A information leak in exception handling\n in KVM could be used to expose host memory to guests.\n (bnc#1124735).\n\n - CVE-2019-6974: A use-after-free in the KVM device\n control API was fixed. (bnc#1124728).\n\n - CVE-2018-20669: Missing access control checks in ioctl\n of gpu/drm/i915 driver were fixed which might have lead\n to information leaks. (bnc#1122971).\n\nThe following non-security bugs were fixed :\n\n - 6lowpan: iphc: reset mac_header after decompress to fix\n panic (bsc#1051510).\n\n - 9p: clear dangling pointers in p9stat_free\n (bsc#1051510).\n\n - 9p locks: fix glock.client_id leak in do_lock\n (bsc#1051510).\n\n - 9p/net: put a lower bound on msize (bsc#1051510).\n\n - acpi/nfit: Block function zero DSMs (bsc#1051510).\n\n - acpi, nfit: Fix Address Range Scrub completion tracking\n (bsc#1124969).\n\n - acpi/nfit: Fix command-supported detection\n (bsc#1051510).\n\n - acpi/nfit: Fix race accessing memdev in\n nfit_get_smbios_id() (bsc#1122662).\n\n - acpi/nfit: Fix user-initiated ARS to be 'ARS-long'\n rather than 'ARS-short' (bsc#1124969).\n\n - ACPI: power: Skip duplicate power resource references in\n _PRx (bsc#1051510).\n\n - Add delay-init quirk for Corsair K70 RGB keyboards\n (bsc#1087092).\n\n - af_iucv: Move sockaddr length checks to before accessing\n sa_family in bind and connect handlers (bsc#1051510).\n\n - alsa: bebob: fix model-id of unit for Apogee Ensemble\n (bsc#1051510).\n\n - alsa: compress: Fix stop handling on compressed capture\n streams (bsc#1051510).\n\n - alsa: hda - Add mute LED support for HP ProBook 470 G5\n (bsc#1051510).\n\n - alsa: hda/ca0132 - Fix build error without CONFIG_PCI\n (bsc#1051510).\n\n - alsa: hda/realtek - Fixed hp_pin no value (bsc#1051510).\n\n - alsa: hda/realtek - Fix lose hp_pins for disable auto\n mute (bsc#1051510).\n\n - alsa: hda/realtek - Use a common helper for hp pin\n reference (bsc#1051510).\n\n - alsa: hda - Serialize codec registrations (bsc#1122944).\n\n - alsa: hda - Use standard device registration for beep\n (bsc#1122944).\n\n - alsa: oxfw: add support for APOGEE duet FireWire\n (bsc#1051510).\n\n - alsa: usb-audio: Add Opus #3 to quirks for native DSD\n support (bsc#1051510).\n\n - alsa: usb-audio: Add support for new T+A USB DAC\n (bsc#1051510).\n\n - amd-xgbe: Fix mdio access for non-zero ports and clause\n 45 PHYs (bsc#1122927).\n\n - arm: 8802/1: Call syscall_trace_exit even when system\n call skipped (bsc#1051510).\n\n - arm: 8814/1: mm: improve/fix ARM v7_dma_inv_range()\n unaligned address handling (bsc#1051510).\n\n - arm: 8815/1: V7M: align v7m_dma_inv_range() with v7\n counterpart (bsc#1051510).\n\n - arm/arm64: kvm:vgic: Force VM halt when changing the\n active state of GICv3 PPIs/SGIs (bsc#1051510).\n\n - arm: cns3xxx: Fix writing to wrong PCI config registers\n after alignment (bsc#1051510).\n\n - arm: cns3xxx: Use actual size reads for PCIe\n (bsc#1051510).\n\n - arm: imx: update the cpu power up timing setting on\n i.mx6sx (bsc#1051510).\n\n - arm: kvm:Fix VTTBR_BADDR_MASK BUG_ON off-by-one\n (bsc#1051510).\n\n - arm: mmp/mmp2: fix cpu_is_mmp2() on mmp2-dt\n (bsc#1051510).\n\n - arm: OMAP1: ams-delta: Fix possible use of uninitialized\n field (bsc#1051510).\n\n - arm: OMAP2+: prm44xx: Fix section annotation on\n omap44xx_prm_enable_io_wakeup (bsc#1051510).\n\n - ASoC: dma-sh7760: cleanup a debug printk (bsc#1051510).\n\n - ASoC: rt5514-spi: Fix potential NULL pointer dereference\n (bsc#1051510).\n\n - ax25: fix a use-after-free in ax25_fillin_cb()\n (networking-stable-19_01_04).\n\n - be2net: do not flip hw_features when VXLANs are\n added/deleted (bsc#1050252).\n\n - blkdev: avoid migration stalls for blkdev pages\n (bsc#1084216).\n\n - blk-mq: fix kernel oops in blk_mq_tag_idle()\n (bsc#1051510).\n\n - block: break discard submissions into the user defined\n size (git-fixes).\n\n - block: cleanup __blkdev_issue_discard() (git-fixes).\n\n - block: do not deal with discard limit in\n blkdev_issue_discard() (git-fixes).\n\n - block: fix 32 bit overflow in __blkdev_issue_discard()\n (git-fixes).\n\n - block: fix infinite loop if the device loses discard\n capability (git-fixes).\n\n - block: make sure discard bio is aligned with logical\n block size (git-fixes).\n\n - block: make sure writesame bio is aligned with logical\n block size (git-fixes).\n\n - block/swim3: Fix -EBUSY error when re-opening device\n after unmount (git-fixes).\n\n - bnx2x: Assign unique DMAE channel number for FW DMAE\n transactions (bsc#1086323).\n\n - bnx2x: Clear fip MAC when fcoe offload support is\n disabled (bsc#1086323).\n\n - bnx2x: Fix NULL pointer dereference in\n bnx2x_del_all_vlans() on some hw (bsc#1086323).\n\n - bnx2x: Remove configured vlans as part of unload\n sequence (bsc#1086323).\n\n - bnx2x: Send update-svid ramrod with retry/poll flags\n enabled (bsc#1086323).\n\n - bonding: update nest level on unlink (git-fixes).\n\n - bsg: allocate sense buffer if requested (bsc#1106811).\n\n - btrfs: qgroup: Fix root item corruption when multiple\n same source snapshots are created with quota enabled\n (bsc#1122324).\n\n - can: bcm: check timer values before ktime conversion\n (bsc#1051510).\n\n - can: dev: __can_get_echo_skb(): fix bogous check for\n non-existing skb by removing it (bsc#1051510).\n\n - can: gw: ensure DLC boundaries after CAN frame\n modification (bsc#1051510).\n\n - cdc-acm: fix abnormal DATA RX issue for Mediatek\n Preloader (bsc#1051510).\n\n - char/mwave: fix potential Spectre v1 vulnerability\n (bsc#1051510).\n\n - checkstack.pl: fix for aarch64 (bsc#1051510).\n\n - cifs: add missing debug entries for kconfig options\n (bsc#1051510).\n\n - cifs: add missing support for ACLs in SMB 3.11\n (bsc#1051510).\n\n - cifs: add sha512 secmech (bsc#1051510).\n\n - cifs: Add support for reading attributes on SMB2+\n (bsc#1051510).\n\n - cifs: Add support for writing attributes on SMB2+\n (bsc#1051510).\n\n - cifs: do not log STATUS_NOT_FOUND errors for DFS\n (bsc#1051510).\n\n - cifs: Do not modify mid entry after submitting I/O in\n cifs_call_async (bsc#1051510).\n\n - cifs: Fix error mapping for SMB2_LOCK command which\n caused OFD lock problem (bsc#1051510).\n\n - cifs: Fix memory leak in smb2_set_ea() (bsc#1051510).\n\n - cifs: fix return value for cifs_listxattr (bsc#1051510).\n\n - cifs: Fix separator when building path from dentry\n (bsc#1051510).\n\n - cifs: fix set info (bsc#1051510).\n\n - cifs: fix sha512 check in cifs_crypto_secmech_release\n (bsc#1051510).\n\n - cifs: fix wrapping bugs in num_entries() (bsc#1051510).\n\n - cifs: For SMB2 security informaion query, check for\n minimum sized security descriptor instead of sizeof\n FileAllInformation class (bsc#1051510).\n\n - cifs: hide unused functions (bsc#1051510).\n\n - cifs: hide unused functions (bsc#1051510).\n\n - cifs: implement v3.11 preauth integrity (bsc#1051510).\n\n - cifs: make 'nodfs' mount opt a superblock flag\n (bsc#1051510).\n\n - cifs: prevent integer overflow in nxt_dir_entry()\n (bsc#1051510).\n\n - cifs: prototype declaration and definition for smb 2 - 3\n and cifsacl mount options (bsc#1051510).\n\n - cifs: prototype declaration and definition to set acl\n for smb 2 - 3 and cifsacl mount options (bsc#1051510).\n\n - cifs: refactor crypto shash/sdesc allocation&free\n (bsc#1051510).\n\n - cifs: smb2ops: Fix listxattr() when there are no EAs\n (bsc#1051510).\n\n - cifs: Use smb 2 - 3 and cifsacl mount options getacl\n functions (bsc#1051510).\n\n - cifs: Use smb 2 - 3 and cifsacl mount options setacl\n function (bsc#1051510).\n\n - cifs: Use ULL suffix for 64-bit constant (bsc#1051510).\n\n - clk: imx6q: reset exclusive gates on init (bsc#1051510).\n\n - clk: rockchip: fix typo in rk3188 spdif_frac parent\n (bsc#1051510).\n\n - clk: sunxi-ng: enable so-said LDOs for A64 SoC's\n pll-mipi clock (bsc#1051510).\n\n - clk: sunxi-ng: h3/h5: Fix CSI_MCLK parent (bsc#1051510).\n\n - cpufreq: imx6q: add return value check for voltage scale\n (bsc#1051510).\n\n - Cramfs: fix abad comparison when wrap-arounds occur\n (bsc#1051510).\n\n - crypto: authencesn - Avoid twice completion call in\n decrypt path (bsc#1051510).\n\n - crypto: authenc - fix parsing key with misaligned\n rta_len (bsc#1051510).\n\n - crypto: bcm - convert to use\n crypto_authenc_extractkeys() (bsc#1051510).\n\n - crypto: caam - fix zero-length buffer DMA mapping\n (bsc#1051510).\n\n - crypto: user - support incremental algorithm dumps\n (bsc#1120902).\n\n - dlm: fixed memory leaks after failed ls_remove_names\n allocation (bsc#1051510).\n\n - dlm: lost put_lkb on error path in receive_convert() and\n receive_unlock() (bsc#1051510).\n\n - dlm: memory leaks on error path in dlm_user_request()\n (bsc#1051510).\n\n - dlm: possible memory leak on error path in create_lkb()\n (bsc#1051510).\n\n - dmaengine: at_hdmac: fix memory leak in at_dma_xlate()\n (bsc#1051510).\n\n - dmaengine: at_hdmac: fix module unloading (bsc#1051510).\n\n - dmaengine: dma-jz4780: Return error if not probed from\n DT (bsc#1051510).\n\n - dmaengine: dw: Fix FIFO size for Intel Merrifield\n (bsc#1051510).\n\n - dmaengine: xilinx_dma: Remove __aligned attribute on\n zynqmp_dma_desc_ll (bsc#1051510).\n\n - dm cache metadata: verify cache has blocks in\n blocks_are_clean_separate_dirty() (git-fixes).\n\n - dm: call blk_queue_split() to impose device limits on\n bios (git-fixes).\n\n - dm: do not allow readahead to limit IO size (git-fixes).\n\n - dm thin: send event about thin-pool state change _after_\n making it (git-fixes).\n\n - dm zoned: Fix target BIO completion handling\n (git-fixes).\n\n - Do not log expected error on DFS referral request\n (bsc#1051510).\n\n - driver core: Move async_synchronize_full call\n (bsc#1051510).\n\n - drivers: core: Remove glue dirs from sysfs earlier\n (bsc#1051510).\n\n - drivers/misc/sgi-gru: fix Spectre v1 vulnerability\n (bsc#1051510).\n\n - drivers/net/ethernet/qlogic/qed/qed_rdma.h: fix typo\n (bsc#1086314 bsc#1086313 bsc#1086301 ).\n\n - drivers/sbus/char: add of_node_put() (bsc#1051510).\n\n - drivers/tty: add missing of_node_put() (bsc#1051510).\n\n - drm/fb-helper: Ignore the value of\n fb_var_screeninfo.pixclock (bsc#1113722)\n\n - drm/fb-helper: Partially bring back workaround for bugs\n of SDL 1.2 (bsc#1113722)\n\n - drm/i915/gvt: Fix mmap range check (bsc#1120902)\n\n - drm/nouveau/tmr: detect stalled gpu timer and break out\n of waits (bsc#1123538).\n\n - drm/vmwgfx: Fix setting of dma masks (bsc#1120902)\n\n - drm/vmwgfx: Return error code from\n vmw_execbuf_copy_fence_user (bsc#1120902)\n\n - e1000e: allow non-monotonic SYSTIM readings\n (bsc#1051510).\n\n - exportfs: do not read dentry after free (bsc#1051510).\n\n - ext4: Fix crash during online resizing (bsc#1122779).\n\n - fanotify: fix handling of events on child sub-directory\n (bsc#1122019).\n\n - fat: validate ->i_start before using (bsc#1051510).\n\n - fix smb3-encryption breakage when CONFIG_DEBUG_SG=y\n (bsc#1051510).\n\n - fork: do not copy inconsistent signal handler state to\n child (bsc#1051510).\n\n - fork: record start_time late (git-fixes).\n\n - fork: unconditionally clear stack on fork (git-fixes).\n\n - fs/cifs: require sha512 (bsc#1051510).\n\n - gpio: altera-a10sr: Set proper output level for\n direction_output (bsc#1051510).\n\n - gpio: pcf857x: Fix interrupts on multiple instances\n (bsc#1051510).\n\n - gpio: pl061: handle failed allocations (bsc#1051510).\n\n - gpio: pl061: Move irq_chip definition inside struct\n pl061 (bsc#1051510).\n\n - gpio: vf610: Mask all GPIO interrupts (bsc#1051510).\n\n - gro_cell: add napi_disable in gro_cells_destroy\n (networking-stable-19_01_04).\n\n - hfs: do not free node before using (bsc#1051510).\n\n - hfsplus: do not free node before using (bsc#1051510).\n\n - hfsplus: prevent btree data loss on root split\n (bsc#1051510).\n\n - hfs: prevent btree data loss on root split\n (bsc#1051510).\n\n - i2c: dev: prevent adapter retries and timeout being set\n as minus value (bsc#1051510).\n\n - i40e: fix mac filter delete when setting mac address\n (bsc#1056658 bsc#1056662).\n\n - i40e: report correct statistics when XDP is enabled\n (bsc#1056658 bsc#1056662).\n\n - i40e: restore NETIF_F_GSO_IPXIP to netdev features\n (bsc#1056658 bsc#1056662).\n\n - ibmveth: Do not process frames after calling\n napi_reschedule (bcs#1123357).\n\n - ibmveth: fix DMA unmap error in ibmveth_xmit_start error\n path (networking-stable-19_01_04).\n\n - ibmvnic: Add ethtool private flag for driver-defined\n queue limits (bsc#1121726).\n\n - ibmvnic: Increase maximum queue size limit\n (bsc#1121726).\n\n - ibmvnic: Introduce driver limits for ring sizes\n (bsc#1121726).\n\n - ide: pmac: add of_node_put() (bsc#1051510).\n\n - ieee802154: lowpan_header_create check must check daddr\n (networking-stable-19_01_04).\n\n - input: elan_i2c - add ACPI ID for touchpad in ASUS\n Aspire F5-573G (bsc#1051510).\n\n - input: omap-keypad - fix idle configuration to not block\n SoC idle states (bsc#1051510).\n\n - input: raspberrypi-ts - fix link error (git-fixes).\n\n - input: restore EV_ABS ABS_RESERVED (bsc#1051510).\n\n - input: synaptics - enable RMI on ThinkPad T560\n (bsc#1051510).\n\n - input: synaptics - enable SMBus for HP EliteBook 840 G4\n (bsc#1051510).\n\n - input: xpad - add support for SteelSeries Stratus Duo\n (bsc#1111666).\n\n - iommu/amd: Call free_iova_fast with pfn in map_sg\n (bsc#1106105).\n\n - iommu/amd: Fix IOMMU page flush when detach device from\n a domain (bsc#1106105).\n\n - iommu/amd: Unmap all mapped pages in error path of\n map_sg (bsc#1106105).\n\n - iommu/vt-d: Fix memory leak in\n intel_iommu_put_resv_regions() (bsc#1106105).\n\n - ip6mr: Fix potential Spectre v1 vulnerability\n (networking-stable-19_01_04).\n\n - ipmi:pci: Blacklist a Realtek 'IPMI' device (git-fixes).\n\n - ipmi:ssif: Fix handling of multi-part return messages\n (bsc#1051510).\n\n - ip: on queued skb use skb_header_pointer instead of\n pskb_may_pull (git-fixes).\n\n - ipv4: Fix potential Spectre v1 vulnerability\n (networking-stable-19_01_04).\n\n - ipv4: ipv6: netfilter: Adjust the frag mem limit when\n truesize changes (networking-stable-18_12_12).\n\n - ipv6: Check available headroom in ip6_xmit() even\n without options (networking-stable-18_12_12).\n\n - ipv6: explicitly initialize udp6_addr in\n udp_sock_create6() (networking-stable-19_01_04).\n\n - ipv6: sr: properly initialize flowi6 prior passing to\n ip6_route_output (networking-stable-18_12_12).\n\n - ipv6: tunnels: fix two use-after-free\n (networking-stable-19_01_04).\n\n - ip: validate header length on virtual device xmit\n (networking-stable-19_01_04).\n\n - iscsi target: fix session creation failure handling\n (bsc#1051510).\n\n - isdn: fix kernel-infoleak in capi_unlocked_ioctl\n (bsc#1051510).\n\n - iwlwifi: fix non_shared_ant for 22000 devices\n (bsc#1119086).\n\n - iwlwifi: fix wrong WGDS_WIFI_DATA_SIZE (bsc#1119086).\n\n - iwlwifi: mvm: do not send GEO_TX_POWER_LIMIT to old\n firmwares (bsc#1119086).\n\n - jffs2: Fix use of uninitialized delayed_work, lockdep\n breakage (bsc#1051510).\n\n - kABI: fix xhci kABI stability (bsc#1119086).\n\n - kABI: protect struct sctp_association (kabi).\n\n - kABI workaround for deleted\n snd_hda_register_beep_device() (bsc#1122944).\n\n - kABI workaround for snd_hda_bus.bus_probing addition\n (bsc#1122944).\n\n - kdb: use memmove instead of overlapping memcpy\n (bsc#1120954).\n\n - kernel/exit.c: release ptraced tasks before\n zap_pid_ns_processes (git-fixes).\n\n - kvm: arm/arm64: Properly protect VGIC locks from IRQs\n (bsc#1117155).\n\n - kvm: arm/arm64: VGIC/ITS: Promote irq_lock() in\n update_affinity (bsc#1117155).\n\n - kvm: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls\n with SRCU lock (bsc#1117155).\n\n - kvm: arm/arm64: VGIC/ITS save/restore: protect\n kvm_read_guest() calls (bsc#1117155).\n\n - kvm: PPC: Book3S PR: Set hflag to indicate that POWER9\n supports 1T segments (bsc#1124589).\n\n - kvm: sev: Fail KVM_SEV_INIT if already initialized\n (bsc#1114279).\n\n - kvm: x86: fix L1TF's MMIO GFN calculation (bsc#1124204).\n\n - lan78xx: Resolve issue with changing MAC address\n (bsc#1051510).\n\n - libertas_tf: prevent underflow in process_cmdrequest()\n (bsc#1119086).\n\n - lib/rbtree-test: lower default params (git-fixes).\n\n - lockd: fix access beyond unterminated strings in prints\n (git-fixes).\n\n - LSM: Check for NULL cred-security on free (bsc#1051510).\n\n - md: fix raid10 hang issue caused by barrier (git-fixes).\n\n - media: firewire: Fix app_info parameter type in\n avc_ca(,_app)_info (bsc#1051510).\n\n - media: usb: pwc: Do not use coherent DMA buffers for ISO\n transfer (bsc#1054610).\n\n - media: v4l2-tpg: array index could become negative\n (bsc#1051510).\n\n - media: v4l: ioctl: Validate num_planes for debug\n messages (bsc#1051510).\n\n - media: vb2: be sure to unlock mutex on errors\n (bsc#1051510).\n\n - media: vb2: vb2_mmap: move lock up (bsc#1051510).\n\n - media: vivid: fix error handling of kthread_run\n (bsc#1051510).\n\n - media: vivid: free bitmap_cap when updating\n std/timings/etc (bsc#1051510).\n\n - media: vivid: set min width/height to a value > 0\n (bsc#1051510).\n\n - mfd: ab8500-core: Return zero in\n get_register_interruptible() (bsc#1051510).\n\n - mfd: tps6586x: Handle interrupts on suspend\n (bsc#1051510).\n\n - misc: atmel-ssc: Fix section annotation on\n atmel_ssc_get_driver_data (bsc#1051510).\n\n - misc: hmc6352: fix potential Spectre v1 (bsc#1051510).\n\n - misc: mic/scif: fix copy-paste error in\n scif_create_remote_lookup (bsc#1051510).\n\n - misc: mic: SCIF Fix scif_get_new_port() error handling\n (bsc#1051510).\n\n - misc: sram: enable clock before registering regions\n (bsc#1051510).\n\n - misc: sram: fix resource leaks in probe error path\n (bsc#1051510).\n\n - misc: ti-st: Fix memory leak in the error path of\n probe() (bsc#1051510).\n\n - misc: vexpress: Off by one in vexpress_syscfg_exec()\n (bsc#1051510).\n\n - mmc: atmel-mci: do not assume idle after\n atmci_request_end (bsc#1051510).\n\n - mmc: bcm2835: Fix DMA channel leak on probe error\n (bsc#1051510).\n\n - mmc: dw_mmc-bluefield: : Fix the license information\n (bsc#1051510).\n\n - mmc: sdhci-iproc: handle mmc_of_parse() errors during\n probe (bsc#1051510).\n\n - mm/huge_memory: fix lockdep complaint on 32-bit\n i_size_read() (VM Functionality, bsc#1121599).\n\n - mm/huge_memory: rename freeze_page() to unmap_page() (VM\n Functionality, bsc#1121599).\n\n - mm/huge_memory: splitting set mapping+index before\n unfreeze (VM Functionality, bsc#1121599).\n\n - mm/khugepaged: collapse_shmem() do not crash on Compound\n (VM Functionality, bsc#1121599).\n\n - mm/khugepaged: collapse_shmem() remember to clear holes\n (VM Functionality, bsc#1121599).\n\n - mm/khugepaged: collapse_shmem() stop if punched or\n truncated (VM Functionality, bsc#1121599).\n\n - mm/khugepaged: collapse_shmem() without freezing\n new_page (VM Functionality, bsc#1121599).\n\n - mm/khugepaged: fix crashes due to misaccounted holes (VM\n Functionality, bsc#1121599).\n\n - mm/khugepaged: minor reorderings in collapse_shmem() (VM\n Functionality, bsc#1121599).\n\n - mm: migrate: lock buffers before\n migrate_page_move_mapping() (bsc#1084216).\n\n - mm: migrate: Make buffer_migrate_page_norefs() actually\n succeed (bsc#1084216)\n\n - mm: migrate: provide buffer_migrate_page_norefs()\n (bsc#1084216).\n\n - mm: migration: factor out code to compute expected\n number of page references (bsc#1084216).\n\n - Move the upstreamed HD-audio fix into sorted section\n\n - mpt3sas: check sense buffer before copying sense data\n (bsc#1106811).\n\n - neighbour: Avoid writing before skb->head in\n neigh_hh_output() (networking-stable-18_12_12).\n\n - net: 8139cp: fix a BUG triggered by changing mtu with\n network traffic (networking-stable-18_12_12).\n\n - net: core: Fix Spectre v1 vulnerability\n (networking-stable-19_01_04).\n\n - net/hamradio/6pack: use mod_timer() to rearm timers\n (networking-stable-19_01_04).\n\n - net: hns3: add error handler for\n hns3_nic_init_vector_data() (bsc#1104353).\n\n - net: hns3: add handling for big TX fragment (bsc#1104353\n ).\n\n - net: hns3: Fix client initialize state issue when roce\n client initialize failed (bsc#1104353).\n\n - net: hns3: Fix for loopback selftest failed problem\n (bsc#1104353 ).\n\n - net: hns3: fix for multiple unmapping DMA problem\n (bsc#1104353 ).\n\n - net: hns3: Fix tc setup when netdev is first up\n (bsc#1104353 ).\n\n - net: hns3: Fix tqp array traversal condition for vf\n (bsc#1104353 ).\n\n - net: hns3: move DMA map into hns3_fill_desc (bsc#1104353\n ).\n\n - net: hns3: remove hns3_fill_desc_tso (bsc#1104353).\n\n - net: hns3: rename hns_nic_dma_unmap (bsc#1104353).\n\n - net: hns3: rename the interface for init_client_instance\n and uninit_client_instance (bsc#1104353).\n\n - net: macb: restart tx after tx used bit read\n (networking-stable-19_01_04).\n\n - net/mlx4_en: Change min MTU size to ETH_MIN_MTU\n (networking-stable-18_12_12).\n\n - net/mlx5e: Remove the false indication of software\n timestamping support (networking-stable-19_01_04).\n\n - net/mlx5: Typo fix in del_sw_hw_rule\n (networking-stable-19_01_04).\n\n - net: phy: do not allow __set_phy_supported to add\n unsupported modes (networking-stable-18_12_12).\n\n - net: phy: Fix the issue that netif always links up after\n resuming (networking-stable-19_01_04).\n\n - netrom: fix locking in nr_find_socket()\n (networking-stable-19_01_04).\n\n - net: skb_scrub_packet(): Scrub offload_fwd_mark\n (networking-stable-18_12_03).\n\n - net/smc: fix TCP fallback socket release\n (networking-stable-19_01_04).\n\n - net: stmmac: Fix PCI module removal leak (git-fixes).\n\n - net: thunderx: set tso_hdrs pointer to NULL in\n nicvf_free_snd_queue (networking-stable-18_12_03).\n\n - net: thunderx: set xdp_prog to NULL if bpf_prog_add\n fails (networking-stable-18_12_03).\n\n - net/wan: fix a double free in x25_asy_open_tty()\n (networking-stable-19_01_04).\n\n - nfsd: COPY and CLONE operations require the saved\n filehandle to be set (git-fixes).\n\n - nfsd: Fix an Oops in free_session() (git-fixes).\n\n - nfs: Fix a missed page unlock after pg_doio()\n (git-fixes).\n\n - NFS: Fix up return value on fatal errors in\n nfs_page_async_flush() (git-fixes).\n\n - NFSv4.1: Fix the r/wsize checking (git-fixes).\n\n - NFSv4: Do not exit the state manager without clearing\n NFS4CLNT_MANAGER_RUNNING (git-fixes).\n\n - nvme-multipath: round-robin I/O policy (bsc#1110705).\n\n - omap2fb: Fix stack memory disclosure (bsc#1120902)\n\n - packet: Do not leak dev refcounts on error exit\n (git-fixes).\n\n - packet: validate address length if non-zero\n (networking-stable-19_01_04).\n\n - packet: validate address length\n (networking-stable-19_01_04).\n\n - PCI: Disable broken RTIT_BAR of Intel TH (bsc#1120318).\n\n - phonet: af_phonet: Fix Spectre v1 vulnerability\n (networking-stable-19_01_04).\n\n - platform/x86: asus-nb-wmi: Drop mapping of 0x33 and 0x34\n scan codes (bsc#1051510).\n\n - platform/x86: asus-nb-wmi: Map 0x35 to KEY_SCREENLOCK\n (bsc#1051510).\n\n - platform/x86: asus-wmi: Tell the EC the OS will handle\n the display off hotkey (bsc#1051510).\n\n - powerpc: Always save/restore checkpointed regs during\n treclaim/trecheckpoint (bsc#1118338).\n\n - powerpc/cacheinfo: Report the correct shared_cpu_map on\n big-cores (bsc#1109695).\n\n - powerpc: Detect the presence of big-cores via 'ibm,\n thread-groups' (bsc#1109695).\n\n - powerpc: make use of for_each_node_by_type() instead of\n open-coding it (bsc#1109695).\n\n - powerpc/powernv: Clear LPCR[PECE1] via stop-api only for\n deep state offline (bsc#1119766, bsc#1055121).\n\n - powerpc/powernv: Clear PECE1 in LPCR via stop-api only\n on Hotplug (bsc#1119766, bsc#1055121).\n\n - powerpc: Remove facility loadups on transactional (fp,\n vec, vsx) unavailable (bsc#1118338).\n\n - powerpc: Remove redundant FP/Altivec giveup code\n (bsc#1118338).\n\n - powerpc/setup: Add cpu_to_phys_id array (bsc#1109695).\n\n - powerpc/smp: Add cpu_l2_cache_map (bsc#1109695).\n\n - powerpc/smp: Add Power9 scheduler topology\n (bsc#1109695).\n\n - powerpc/smp: Rework CPU topology construction\n (bsc#1109695).\n\n - powerpc/smp: Use cpu_to_chip_id() to find core siblings\n (bsc#1109695).\n\n - powerpc/tm: Avoid machine crash on rt_sigreturn\n (bsc#1118338).\n\n - powerpc/tm: Do not check for WARN in TM Bad Thing\n handling (bsc#1118338).\n\n - powerpc/tm: Fix comment (bsc#1118338).\n\n - powerpc/tm: Fix endianness flip on trap (bsc#1118338).\n\n - powerpc/tm: Fix HFSCR bit for no suspend case\n (bsc#1118338).\n\n - powerpc/tm: Fix HTM documentation (bsc#1118338).\n\n - powerpc/tm: Limit TM code inside PPC_TRANSACTIONAL_MEM\n (bsc#1118338).\n\n - powerpc/tm: P9 disable transactionally suspended\n sigcontexts (bsc#1118338).\n\n - powerpc/tm: Print 64-bits MSR (bsc#1118338).\n\n - powerpc/tm: Print scratch value (bsc#1118338).\n\n - powerpc/tm: Reformat comments (bsc#1118338).\n\n - powerpc/tm: Remove msr_tm_active() (bsc#1118338).\n\n - powerpc/tm: Remove struct thread_info param from\n tm_reclaim_thread() (bsc#1118338).\n\n - powerpc/tm: Save MSR to PACA before RFID (bsc#1118338).\n\n - powerpc/tm: Set MSR[TS] just prior to recheckpoint\n (bsc#1118338, bsc#1120955).\n\n - powerpc/tm: Unset MSR[TS] if not recheckpointing\n (bsc#1118338).\n\n - powerpc/tm: Update function prototype comment\n (bsc#1118338).\n\n - powerpc: Use cpu_smallcore_sibling_mask at SMT level on\n bigcores (bsc#1109695).\n\n - powerpc/xmon: Fix invocation inside lock region\n (bsc#1122885).\n\n - pstore/ram: Avoid allocation and leak of platform data\n (bsc#1051510).\n\n - pstore/ram: Avoid NULL deref in ftrace merging failure\n path (bsc#1051510).\n\n - pstore/ram: Correctly calculate usable PRZ bytes\n (bsc#1051510).\n\n - pstore/ram: Do not treat empty buffers as valid\n (bsc#1051510).\n\n - ptp_kvm: probe for kvm guest availability (bsc#1098382).\n\n - ptr_ring: wrap back ->producer in\n __ptr_ring_swap_queue() (networking-stable-19_01_04).\n\n - qed: Avoid constant logical operation warning in\n qed_vf_pf_acquire (bsc#1086314 bsc#1086313 bsc#1086301).\n\n - qed: Avoid implicit enum conversion in\n qed_iwarp_parse_rx_pkt (bsc#1086314 bsc#1086313\n bsc#1086301 ).\n\n - qed: Avoid implicit enum conversion in\n qed_roce_mode_to_flavor (bsc#1086314 bsc#1086313\n bsc#1086301 ).\n\n - qed: Avoid implicit enum conversion in\n qed_set_tunn_cls_info (bsc#1086314 bsc#1086313\n bsc#1086301 ).\n\n - qed: Fix an error code qed_ll2_start_xmit() (bsc#1086314\n bsc#1086313 bsc#1086301).\n\n - qed: Fix bitmap_weight() check (bsc#1086314 bsc#1086313\n bsc#1086301).\n\n - qed: Fix blocking/unlimited SPQ entries leak\n (bsc#1086314 bsc#1086313 bsc#1086301).\n\n - qed: Fix command number mismatch between driver and the\n mfw (bsc#1086314 bsc#1086313 bsc#1086301 ).\n\n - qed: Fix mask parameter in qed_vf_prep_tunn_req_tlv\n (bsc#1086314 bsc#1086313 bsc#1086301).\n\n - qed: Fix memory/entry leak in qed_init_sp_request()\n (bsc#1086314 bsc#1086313 bsc#1086301).\n\n - qed: Fix potential memory corruption (bsc#1086314\n bsc#1086313 bsc#1086301).\n\n - qed: Fix PTT leak in qed_drain() (bsc#1086314\n bsc#1086313 bsc#1086301).\n\n - qed: Fix QM getters to always return a valid pq\n (bsc#1086314 bsc#1086313 bsc#1086301).\n\n - qed: Fix rdma_info structure allocation (bsc#1086314\n bsc#1086313 bsc#1086301).\n\n - qed: Fix reading wrong value in loop condition\n (bsc#1086314 bsc#1086313 bsc#1086301).\n\n - qla2xxx: Fixup dual-protocol FCP connections\n (bsc#1108870).\n\n - qmi_wwan: Added support for Fibocom NL668 series\n (networking-stable-19_01_04).\n\n - qmi_wwan: Added support for Telit LN940 series\n (networking-stable-19_01_04).\n\n - qmi_wwan: Add support for Fibocom NL678 series\n (networking-stable-19_01_04).\n\n - rapidio/rionet: do not free skb before reading its\n length (networking-stable-18_12_03).\n\n - RDMA/core: Fix unwinding flow in case of error to\n register device (bsc#1046306).\n\n - Revert 'serial: 8250: Fix clearing FIFOs in RS485 mode\n again' (bsc#1051510).\n\n - rpm/release-projects: Add SUSE:Maintenance:* for MU\n kernels (bsc#1123317)\n\n - rtnetlink: ndo_dflt_fdb_dump() only work for\n ARPHRD_ETHER devices (networking-stable-18_12_12).\n\n - s390/zcrypt: fix specification exception on z196 during\n ap probe (LTC#174936, bsc#1123061).\n\n - sbus: char: add of_node_put() (bsc#1051510).\n\n - sched/wait: Fix rcuwait_wake_up() ordering (git-fixes).\n\n - scripts/git_sort/git_sort.py: Add mkp/scsi\n 5.0/scsi-fixes\n\n - scripts/git_sort/git_sort.py: Add s390/linux.git fixes.\n\n - scsi: qedi: Add ep_state for login completion on\n un-reachable targets (bsc#1113712).\n\n - scsi: qla2xxx: Timeouts occur on surprise removal of\n QLogic adapter (bsc#1124985).\n\n - scsi: target: make the pi_prot_format ConfigFS path\n readable (bsc#1123933).\n\n - sctp: initialize sin6_flowinfo for ipv6 addrs in\n sctp_inet6addr_event (networking-stable-19_01_04).\n\n - sctp: kfree_rcu asoc (networking-stable-18_12_12).\n\n - selftests/powerpc: Use snprintf to construct DSCR sysfs\n interface paths (bsc#1124579).\n\n - selinux: Add __GFP_NOWARN to allocation at str_read()\n (bsc#1051510).\n\n - selinux: fix GPF on invalid policy (bsc#1051510).\n\n - serial: imx: fix error handling in console_setup\n (bsc#1051510).\n\n - serial: set suppress_bind_attrs flag only if builtin\n (bsc#1051510).\n\n - serial/sunsu: fix refcount leak (bsc#1051510).\n\n - serial: uartps: Fix interrupt mask issue to handle the\n RX interrupts properly (bsc#1051510).\n\n - shmem: introduce shmem_inode_acct_block (VM\n Functionality, bsc#1121599).\n\n - shmem: shmem_charge: verify max_block is not exceeded\n before inode update (VM Functionality, bsc#1121599).\n\n - signal: Always deliver the kernel's SIGKILL and SIGSTOP\n to a pid namespace init (git-fixes).\n\n - slab: alien caches must not be initialized if the\n allocation of the alien cache failed (git fixes\n (mm/slab)).\n\n - smb3.1.1 dialect is no longer experimental\n (bsc#1051510).\n\n - smb311: Fix reconnect (bsc#1051510).\n\n - smb3: Add support for multidialect negotiate (SMB2.1 and\n later) (bsc#1051510).\n\n - smb3: allow stats which track session and share\n reconnects to be reset (bsc#1051510).\n\n - smb3: Backup intent flag missing for directory opens\n with backupuid mounts (bsc#1051510).\n\n - smb3: check for and properly advertise directory lease\n support (bsc#1051510).\n\n - smb3: directory sync should not return an error\n (bsc#1051510).\n\n - smb3: do not attempt cifs operation in smb3 query info\n error path (bsc#1051510).\n\n - smb3: do not request leases in symlink creation and\n query (bsc#1051510).\n\n - smb3: Do not send SMB3 SET_INFO if nothing changed\n (bsc#1051510).\n\n - smb3: enumerating snapshots was leaving part of the data\n off end (bsc#1051510).\n\n - smb3: Fix length checking of SMB3.11 negotiate request\n (bsc#1051510).\n\n - smb3: Fix root directory when server returns inode\n number of zero (bsc#1051510).\n\n - smb3: fix various xid leaks (bsc#1051510).\n\n - smb3: Improve security, move default dialect to SMB3\n from old CIFS (bsc#1051510).\n\n - smb3: on kerberos mount if server does not specify auth\n type use krb5 (bsc#1051510).\n\n - smb3: Remove ifdef since SMB3 (and later) now STRONGLY\n preferred (bsc#1051510).\n\n - smb3: simplify code by removing CONFIG_CIFS_SMB311\n (bsc#1051510).\n\n - staging: rtl8188eu: Add device code for D-Link DWA-121\n rev B1 (bsc#1051510).\n\n - sunrpc: correct the computation for page_ptr when\n truncating (git-fixes).\n\n - sunrpc: Fix a potential race in xprt_connect()\n (git-fixes).\n\n - sunrpc: Fix leak of krb5p encode pages (git-fixes).\n\n - sunrpc: handle ENOMEM in rpcb_getport_async (git-fixes).\n\n - sunrpc: safely reallow resvport min/max inversion\n (git-fixes).\n\n - tcp: Do not underestimate rwnd_limited\n (networking-stable-18_12_12).\n\n - tcp: fix a race in inet_diag_dump_icsk()\n (networking-stable-19_01_04).\n\n - tcp: fix NULL ref in tail loss probe\n (networking-stable-18_12_12).\n\n - tcp: lack of available data can also cause TSO defer\n (git-fixes).\n\n - thermal: int340x_thermal: Fix a NULL vs IS_ERR() check\n (bsc#1051510).\n\n - tipc: compare remote and local protocols in\n tipc_udp_enable() (networking-stable-19_01_04).\n\n - tipc: fix a double kfree_skb()\n (networking-stable-19_01_04).\n\n - tipc: use lock_sock() in tipc_sk_reinit()\n (networking-stable-19_01_04).\n\n - tools/lib/lockdep: Rename 'trywlock' into 'trywrlock'\n (bsc#1121973).\n\n - tty: Do not hold ldisc lock in tty_reopen() if ldisc\n present (bsc#1051510).\n\n - tty: Handle problem if line discipline does not have\n receive_buf (bsc#1051510).\n\n - tty/n_hdlc: fix __might_sleep warning (bsc#1051510).\n\n - tty/serial: do not free trasnmit buffer page under port\n lock (bsc#1051510).\n\n - tun: forbid iface creation with rtnl ops\n (networking-stable-18_12_12).\n\n - uart: Fix crash in uart_write and uart_put_char\n (bsc#1051510).\n\n - usb: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70\n RGB (bsc#1120902).\n\n - usb: cdc-acm: send ZLP for Telit 3G Intel based modems\n (bsc#1120902).\n\n - usb: dwc3: gadget: Clear req->needs_extra_trb flag on\n cleanup (bsc#1120902).\n\n - usb: dwc3: trace: add missing break statement to make\n compiler happy (bsc#1120902).\n\n - usbnet: ipheth: fix potential recvmsg bug and recvmsg\n bug 2 (networking-stable-18_12_03).\n\n - usb: serial: option: add Fibocom NL678 series\n (bsc#1120902).\n\n - usb: serial: pl2303: add ids for Hewlett-Packard HP POS\n pole displays (bsc#1120902).\n\n - usb: storage: add quirk for SMI SM3350 (bsc#1120902).\n\n - usb: storage: do not insert sane sense for SPC3+ when\n bad sense specified (bsc#1120902).\n\n - usb: xhci: fix 'broken_suspend' placement in struct\n xchi_hcd (bsc#1119086).\n\n - vfs: Avoid softlockups in drop_pagecache_sb()\n (bsc#1118505).\n\n - vhost: make sure used idx is seen before log in\n vhost_add_used_n() (networking-stable-19_01_04).\n\n - virtio-net: fail XDP set if guest csum is negotiated\n (networking-stable-18_12_03).\n\n - virtio-net: keep vnet header zeroed after processing XDP\n (networking-stable-18_12_12).\n\n - vsock: Send reset control packet when socket is\n partially bound (networking-stable-19_01_04).\n\n - vt: invoke notifier on screen size change (bsc#1051510).\n\n - watchdog: w83627hf_wdt: Add quirk for Inves system\n (bsc#1106434).\n\n - writeback: do not decrement wb->refcnt if !wb->bdi (git\n fixes (writeback)).\n\n - x86/bugs: Add AMD's variant of SSB_NO (bsc#1114279).\n\n - x86/bugs: Update when to check for the LS_CFG SSBD\n mitigation (bsc#1114279).\n\n - x86/kvmclock: set pvti_cpu0_va after enabling kvmclock\n (bsc#1098382).\n\n - x86/MCE: Initialize mce.bank in the case of a fatal\n error in mce_no_way_out() (bsc#1114279).\n\n - x86/microcode/amd: Do not falsely trick the late loading\n mechanism (bsc#1114279).\n\n - x86/mm: Drop usage of __flush_tlb_all() in\n kernel_physical_mapping_init() (bsc#1114279).\n\n - x86, modpost: Replace last remnants of RETPOLINE with\n CONFIG_RETPOLINE (bsc#1114279).\n\n - x86/pvclock: add setter for pvclock_pvti_cpu0_va\n (bsc#1098382).\n\n - x86/resctrl: Fix rdt_find_domain() return value and\n checks (bsc#1114279).\n\n - x86/speculation: Add RETPOLINE_AMD support to the inline\n asm CALL_NOSPEC variant (bsc#1114279).\n\n - x86/speculation: Remove redundant arch_smt_update()\n invocation (bsc#1114279).\n\n - x86/xen/time: Output xen sched_clock time from 0\n (bsc#1098382).\n\n - x86/xen/time: set pvclock flags on xen_time_init()\n (bsc#1098382).\n\n - x86/xen/time: setup vcpu 0 time info page (bsc#1098382).\n\n - xen: Fix x86 sched_clock() interface for xen\n (bsc#1098382).\n\n - xhci: Add quirk to zero 64bit registers on Renesas PCIe\n controllers (bsc#1120854).\n\n - xhci: workaround CSS timeout on AMD SNPS 3.0 xHC\n (bsc#1119086).\n\n - xprtrdma: Reset credit grant properly after a disconnect\n (git-fixes).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1046306\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1050252\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1051510\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1054610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1055121\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1056658\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1056662\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1084216\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1086301\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1086313\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1086314\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1086323\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1087082\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1087092\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1098382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1098425\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1104353\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106105\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1106811\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1108870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1110705\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1111666\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113712\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113722\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1114279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1118505\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1119766\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120318\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120854\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120902\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120954\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120955\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121726\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1121973\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122019\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122662\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122779\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122885\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122927\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122944\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1123061\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1123317\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1123348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1123357\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1123538\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1123697\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1123933\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1124204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1124579\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1124589\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1124728\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1124732\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1124735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1124969\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1124985\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1125109\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=802154\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20669\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-base-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-base-debuginfo-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-debuginfo-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-debugsource-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-devel-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-debug-devel-debuginfo-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-base-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-base-debuginfo-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-debuginfo-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-debugsource-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-devel-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-default-devel-debuginfo-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-devel-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-docs-html-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-base-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-base-debuginfo-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-debuginfo-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-debugsource-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-devel-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-kvmsmall-devel-debuginfo-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-macros-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-obs-build-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-obs-build-debugsource-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-obs-qa-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-source-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-source-vanilla-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-syms-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-base-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-base-debuginfo-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-debuginfo-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-debugsource-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-devel-4.12.14-lp150.12.48.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"kernel-vanilla-devel-debuginfo-4.12.14-lp150.12.48.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-debug / kernel-debug-base / kernel-debug-base-debuginfo / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T16:06:18", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel-rt packages installed that are affected by multiple vulnerabilities:\n\n - Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub- operations. These sub-operations allow the processor to hand-off address generation logic into these sub- operations for optimized writes. Both of these sub- operations write to a shared distributed processor structure called the 'processor store buffer'. As a result, an unprivileged attacker could use this flaw to read private data resident within the CPU's processor store buffer. (CVE-2018-12126)\n\n - Microprocessors use a load port subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPUs pipelines. Stale load operations results are stored in the 'load port' table until overwritten by newer operations. Certain load-port operations triggered by an attacker can be used to reveal data about previous stale requests leaking data back to the attacker via a timing side- channel. (CVE-2018-12127)\n\n - A flaw was found in the implementation of the fill buffer, a mechanism used by modern CPUs when a cache- miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer while the data is fetched from higher level caches. This response time can be measured to infer data in the fill buffer.\n (CVE-2018-12130)\n\n - A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor implements its device control API. While creating a device via kvm_ioctl_create_device(), the device holds a reference to a VM object, later this reference is transferred to the caller's file descriptor table. If such file descriptor was to be closed, reference count to the VM object could become zero, potentially leading to a use- after-free issue. A user/process could use this flaw to crash the guest VM resulting in a denial of service issue or, potentially, gain privileged access to a system. (CVE-2019-6974)\n\n - A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested (=1) virtualization is enabled. This high resolution timer(hrtimer) runs when a L2 guest is active. After VM exit, the sync_vmcs12() timer object is stopped. The use-after-free occurs if the timer object is freed before calling sync_vmcs12() routine. A guest user/process could use this flaw to crash the host kernel resulting in a denial of service or, potentially, gain privileged access to a system.\n (CVE-2019-7221)\n\n - An information leakage issue was found in the way Linux kernel's KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand.\n It occurs if the operand is a mmio address, as the returned exception object holds uninitialized stack memory contents. A guest user/process could use this flaw to leak host's stack memory contents to a guest.\n (CVE-2019-7222)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0086)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-12126", "CVE-2018-12127", "CVE-2018-12130", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2019-0086_KERNEL-RT.NASL", "href": "https://www.tenable.com/plugins/nessus/127302", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2019-0086. The text\n# itself is copyright (C) ZTE, Inc.\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127302);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\n \"CVE-2018-12126\",\n \"CVE-2018-12127\",\n \"CVE-2018-12130\",\n \"CVE-2019-6974\",\n \"CVE-2019-7221\",\n \"CVE-2019-7222\"\n );\n script_bugtraq_id(107127, 107294, 106963);\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0086)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel-rt packages installed that are affected\nby multiple vulnerabilities:\n\n - Modern Intel microprocessors implement hardware-level\n micro-optimizations to improve the performance of\n writing data back to CPU caches. The write operation is\n split into STA (STore Address) and STD (STore Data) sub-\n operations. These sub-operations allow the processor to\n hand-off address generation logic into these sub-\n operations for optimized writes. Both of these sub-\n operations write to a shared distributed processor\n structure called the 'processor store buffer'. As a\n result, an unprivileged attacker could use this flaw to\n read private data resident within the CPU's processor\n store buffer. (CVE-2018-12126)\n\n - Microprocessors use a load port subcomponent to\n perform load operations from memory or IO. During a load\n operation, the load port receives data from the memory\n or IO subsystem and then provides the data to the CPU\n registers and operations in the CPUs pipelines. Stale\n load operations results are stored in the 'load port'\n table until overwritten by newer operations. Certain\n load-port operations triggered by an attacker can be\n used to reveal data about previous stale requests\n leaking data back to the attacker via a timing side-\n channel. (CVE-2018-12127)\n\n - A flaw was found in the implementation of the fill\n buffer, a mechanism used by modern CPUs when a cache-\n miss is made on L1 CPU cache. If an attacker can\n generate a load operation that would create a page\n fault, the execution will continue speculatively with\n incorrect data from the fill buffer while the data is\n fetched from higher level caches. This response time can\n be measured to infer data in the fill buffer.\n (CVE-2018-12130)\n\n - A use-after-free vulnerability was found in the way the\n Linux kernel's KVM hypervisor implements its device\n control API. While creating a device via\n kvm_ioctl_create_device(), the device holds a reference\n to a VM object, later this reference is transferred to\n the caller's file descriptor table. If such file\n descriptor was to be closed, reference count to the VM\n object could become zero, potentially leading to a use-\n after-free issue. A user/process could use this flaw to\n crash the guest VM resulting in a denial of service\n issue or, potentially, gain privileged access to a\n system. (CVE-2019-6974)\n\n - A use-after-free vulnerability was found in the way the\n Linux kernel's KVM hypervisor emulates a preemption\n timer for L2 guests when nested (=1) virtualization is\n enabled. This high resolution timer(hrtimer) runs when a\n L2 guest is active. After VM exit, the sync_vmcs12()\n timer object is stopped. The use-after-free occurs if\n the timer object is freed before calling sync_vmcs12()\n routine. A guest user/process could use this flaw to\n crash the host kernel resulting in a denial of service\n or, potentially, gain privileged access to a system.\n (CVE-2019-7221)\n\n - An information leakage issue was found in the way Linux\n kernel's KVM hypervisor handled page fault exceptions\n while emulating instructions like VMXON, VMCLEAR,\n VMPTRLD, and VMWRITE with memory address as an operand.\n It occurs if the operand is a mmio address, as the\n returned exception object holds uninitialized stack\n memory contents. A guest user/process could use this\n flaw to leak host's stack memory contents to a guest.\n (CVE-2019-7222)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2019-0086\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL kernel-rt packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-6974\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/ZTE-CGSL/release\");\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, \"NewStart Carrier Grade Server Linux\");\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item(\"Host/ZTE-CGSL/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"NewStart Carrier Grade Server Linux\", cpu);\n\nflag = 0;\n\npkgs = {\n \"CGSL CORE 5.05\": [\n \"kernel-rt-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-debug-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-debug-debuginfo-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-debug-devel-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-debug-kvm-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-debug-kvm-debuginfo-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-debuginfo-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-debuginfo-common-x86_64-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-devel-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-doc-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-kvm-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-kvm-debuginfo-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-trace-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-trace-debuginfo-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-trace-devel-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-trace-kvm-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-trace-kvm-debuginfo-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\"\n ],\n \"CGSL MAIN 5.05\": [\n \"kernel-rt-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-debug-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-debug-debuginfo-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-debug-devel-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-debug-kvm-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-debug-kvm-debuginfo-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-debuginfo-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-debuginfo-common-x86_64-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-devel-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-doc-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-kvm-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-kvm-debuginfo-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-trace-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-trace-debuginfo-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-trace-devel-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-trace-kvm-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\",\n \"kernel-rt-trace-kvm-debuginfo-3.10.0-957.12.2.rt56.929.el7.cgslv5_5.2.64.g521d5ca\"\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:\"ZTE \" + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T15:47:49", "description": "The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2019-2024: A use-after-free when disconnecting a source was fixed which could lead to crashes. bnc#1129179).\n\nCVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bnc#1128166).\n\nCVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. (bnc#1107829).\n\nCVE-2019-7221: The KVM implementation in the Linux kernel had a Use-after-Free (bnc#1124732).\n\nCVE-2019-7222: The KVM implementation in the Linux kernel had an Information Leak (bnc#1124735).\n\nCVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, which led to a use-after-free (bnc#1124728).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-02T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0828-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14633", "CVE-2019-2024", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-9213"], "modified": "2022-05-20T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_104-default", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0828-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123635", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0828-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123635);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/20\");\n\n script_cve_id(\n \"CVE-2018-14633\",\n \"CVE-2019-2024\",\n \"CVE-2019-6974\",\n \"CVE-2019-7221\",\n \"CVE-2019-7222\",\n \"CVE-2019-9213\"\n );\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0828-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive\nvarious security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2019-2024: A use-after-free when disconnecting a source was fixed\nwhich could lead to crashes. bnc#1129179).\n\nCVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the\nmmap minimum address, which made it easier for attackers to exploit\nkernel NULL pointer dereferences on non-SMAP platforms. This is\nrelated to a capability check for the wrong task (bnc#1128166).\n\nCVE-2018-14633: A security flaw was found in the\nchap_server_compute_md5() function in the ISCSI target code in the\nLinux kernel in a way an authentication request from an ISCSI\ninitiator is processed. (bnc#1107829).\n\nCVE-2019-7221: The KVM implementation in the Linux kernel had a\nUse-after-Free (bnc#1124732).\n\nCVE-2019-7222: The KVM implementation in the Linux kernel had an\nInformation Leak (bnc#1124735).\n\nCVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c\nmishandled reference counting because of a race condition, which led\nto a use-after-free (bnc#1124728).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012382\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1075697\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082943\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1098599\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1102959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1105402\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1107829\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1108145\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109137\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109330\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1110286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120691\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1122821\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124728\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124732\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125315\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127758\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127961\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129179\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14633/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-2024/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-6974/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-7221/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-7222/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-9213/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190828-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9b6ab111\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2019-828=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-828=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-828=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2019-828=1\n\nSUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch\nSUSE-SLE-HA-12-SP2-2019-828=1\n\nSUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2019-828=1\n\nOpenStack Cloud Magnum Orchestration 7:zypper in -t patch\nSUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-828=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14633\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-6974\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) rds_atomic_free_op NULL pointer dereference Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_104-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_104-default-1-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-default-man-4.4.121-92.104.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"kernel-default-4.4.121-92.104.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"kernel-default-base-4.4.121-92.104.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"kernel-default-base-debuginfo-4.4.121-92.104.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"kernel-default-debuginfo-4.4.121-92.104.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"kernel-default-debugsource-4.4.121-92.104.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"kernel-default-devel-4.4.121-92.104.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"kernel-syms-4.4.121-92.104.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 8.3, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2022-08-10T15:45:09", "description": "This update for the Linux Kernel 4.4.121-92_73 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bsc#1128378).\n\nCVE-2019-7221: Fixed a user-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124734).\n\nCVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free (bsc#1124729).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-03-25T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0683-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221", "CVE-2019-9213"], "modified": "2020-02-03T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_120-92_70-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_73-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_80-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_85-default", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0683-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123061", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0683-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123061);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/02/03\");\n\n script_cve_id(\"CVE-2019-6974\", \"CVE-2019-7221\", \"CVE-2019-9213\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0683-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 4.4.121-92_73 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the\nmmap minimum address, which made it easier for attackers to exploit\nkernel NULL pointer dereferences on non-SMAP platforms. This is\nrelated to a capability check for the wrong task (bsc#1128378).\n\nCVE-2019-7221: Fixed a user-after-free vulnerability in the KVM\nhypervisor related to the emulation of a preemption timer, allowing an\nguest user/process to crash the host kernel. (bsc#1124734).\n\nCVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c\nmishandled reference counting because of a race condition, leading to\na use-after-free (bsc#1124729).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128378\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6974/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-7221/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9213/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190683-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?67a28800\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-682=1 SUSE-SLE-SAP-12-SP2-2019-683=1\nSUSE-SLE-SAP-12-SP2-2019-684=1 SUSE-SLE-SAP-12-SP2-2019-685=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-682=1 SUSE-SLE-SERVER-12-SP2-2019-683=1\nSUSE-SLE-SERVER-12-SP2-2019-684=1 SUSE-SLE-SERVER-12-SP2-2019-685=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) rds_atomic_free_op NULL pointer dereference Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_120-92_70-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_73-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_80-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_85-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_120-92_70-default-11-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_73-default-10-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_80-default-10-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_85-default-7-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T15:45:09", "description": "This update for the Linux Kernel 4.4.121-92_95 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bsc#1128378).\n\nCVE-2019-7221: Fixed a user-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124734).\n\nCVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free (bsc#1124729).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-03-26T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0722-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221", "CVE-2019-9213"], "modified": "2020-02-03T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_95-default", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0722-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123125", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0722-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123125);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/02/03\");\n\n script_cve_id(\"CVE-2019-6974\", \"CVE-2019-7221\", \"CVE-2019-9213\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0722-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 4.4.121-92_95 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the\nmmap minimum address, which made it easier for attackers to exploit\nkernel NULL pointer dereferences on non-SMAP platforms. This is\nrelated to a capability check for the wrong task (bsc#1128378).\n\nCVE-2019-7221: Fixed a user-after-free vulnerability in the KVM\nhypervisor related to the emulation of a preemption timer, allowing an\nguest user/process to crash the host kernel. (bsc#1124734).\n\nCVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c\nmishandled reference counting because of a race condition, leading to\na use-after-free (bsc#1124729).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128378\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6974/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-7221/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9213/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190722-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?88cd6d51\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-722=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-722=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) rds_atomic_free_op NULL pointer dereference Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_95-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_95-default-5-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T15:46:24", "description": "This update for the Linux Kernel 4.4.121-92_98 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bsc#1128378).\n\nCVE-2019-7221: Fixed a user-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124734).\n\nCVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free (bsc#1124729).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-03-25T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0709-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-6974", "CVE-2019-7221", "CVE-2019-9213"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_92-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_98-default", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0709-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123066", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0709-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123066);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-6974\", \"CVE-2019-7221\", \"CVE-2019-9213\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0709-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for the Linux Kernel 4.4.121-92_98 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the\nmmap minimum address, which made it easier for attackers to exploit\nkernel NULL pointer dereferences on non-SMAP platforms. This is\nrelated to a capability check for the wrong task (bsc#1128378).\n\nCVE-2019-7221: Fixed a user-after-free vulnerability in the KVM\nhypervisor related to the emulation of a preemption timer, allowing an\nguest user/process to crash the host kernel. (bsc#1124734).\n\nCVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c\nmishandled reference counting because of a race condition, leading to\na use-after-free (bsc#1124729).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128378\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6974/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-7221/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9213/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190709-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f631b64c\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-709=1 SUSE-SLE-SAP-12-SP2-2019-710=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-709=1 SUSE-SLE-SERVER-12-SP2-2019-710=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) rds_atomic_free_op NULL pointer dereference Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_92-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_98-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/02/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_92-default-6-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_98-default-4-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T15:48:28", "description": "The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4612 advisory.\n\n - An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field.\n The privileged user root with CAP_NET_ADMIN can create a CAN frame modification rule that makes the data length code a higher value than the available CAN frame data size. In combination with a configured checksum calculation where the result is stored relatively to the end of the data (e.g. cgw_csum_xor_rel) the tail of the skb (e.g. frag_list pointer in skb_shared_info) can be rewritten which finally can cause a system crash. Because of a missing check, the CAN drivers may write arbitrary content beyond the data registers in the CAN controller's I/O memory when processing can-gw manipulated outgoing frames.\n (CVE-2019-3701)\n\n - In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. (CVE-2019-6974)\n\n - The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. (CVE-2019-7221)\n\n - The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. (CVE-2019-7222)\n\n - A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.\n (CVE-2019-8980)\n\n - In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task. (CVE-2019-9213)\n\n - In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr. (CVE-2019-8912)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-15T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4612)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3701", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-8912", "CVE-2019-8980", "CVE-2019-9213"], "modified": "2022-05-20T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-headers", "p-cpe:/a:oracle:linux:kernel-uek-tools", "p-cpe:/a:oracle:linux:kernel-uek-tools-libs", "p-cpe:/a:oracle:linux:kernel-uek-tools-libs-devel", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2019-4612.NASL", "href": "https://www.tenable.com/plugins/nessus/124048", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2019-4612.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124048);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/20\");\n\n script_cve_id(\n \"CVE-2019-3701\",\n \"CVE-2019-6974\",\n \"CVE-2019-7221\",\n \"CVE-2019-7222\",\n \"CVE-2019-8912\",\n \"CVE-2019-8980\",\n \"CVE-2019-9213\"\n );\n\n script_name(english:\"Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4612)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2019-4612 advisory.\n\n - An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN\n frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field.\n The privileged user root with CAP_NET_ADMIN can create a CAN frame modification rule that makes the data\n length code a higher value than the available CAN frame data size. In combination with a configured\n checksum calculation where the result is stored relatively to the end of the data (e.g. cgw_csum_xor_rel)\n the tail of the skb (e.g. frag_list pointer in skb_shared_info) can be rewritten which finally can cause a\n system crash. Because of a missing check, the CAN drivers may write arbitrary content beyond the data\n registers in the CAN controller's I/O memory when processing can-gw manipulated outgoing frames.\n (CVE-2019-3701)\n\n - In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference\n counting because of a race condition, leading to a use-after-free. (CVE-2019-6974)\n\n - The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. (CVE-2019-7221)\n\n - The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. (CVE-2019-7222)\n\n - A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows\n attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.\n (CVE-2019-8980)\n\n - In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum\n address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP\n platforms. This is related to a capability check for the wrong task. (CVE-2019-9213)\n\n - In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for\n a certain structure member, which leads to a use-after-free in sockfs_setattr. (CVE-2019-8912)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2019-4612.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8912\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-6974\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) rds_atomic_free_op NULL pointer dereference Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.14.35-1844.4.5.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2019-4612');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.14';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-4.14.35-1844.4.5.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.14.35'},\n {'reference':'kernel-uek-4.14.35-1844.4.5.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.14.35'},\n {'reference':'kernel-uek-debug-4.14.35-1844.4.5.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.14.35'},\n {'reference':'kernel-uek-debug-4.14.35-1844.4.5.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.14.35'},\n {'reference':'kernel-uek-debug-devel-4.14.35-1844.4.5.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.14.35'},\n {'reference':'kernel-uek-debug-devel-4.14.35-1844.4.5.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.14.35'},\n {'reference':'kernel-uek-devel-4.14.35-1844.4.5.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.14.35'},\n {'reference':'kernel-uek-devel-4.14.35-1844.4.5.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.14.35'},\n {'reference':'kernel-uek-doc-4.14.35-1844.4.5.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.14.35'},\n {'reference':'kernel-uek-headers-4.14.35-1844.4.5.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-headers-4.14.35'},\n {'reference':'kernel-uek-tools-4.14.35-1844.4.5.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-4.14.35'},\n {'reference':'kernel-uek-tools-4.14.35-1844.4.5.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-4.14.35'},\n {'reference':'kernel-uek-tools-libs-4.14.35-1844.4.5.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-libs-4.14.35'},\n {'reference':'kernel-uek-tools-libs-devel-4.14.35-1844.4.5.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-libs-devel-4.14.35'},\n {'reference':'perf-4.14.35-1844.4.5.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-4.14.35-1844.4.5.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T15:45:30", "description": "This update for the Linux Kernel 3.12.74-60_64_104 fixes several issues.\n\nThe following security issues were fixed :\n\nCVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bsc#1128378).\n\nCVE-2019-7221: Fixed a user-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124734).\n\nCVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free (bsc#1124729).\n\nCVE-2018-5391: The Linux kernel was vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker might have caused a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size (bsc#1103098).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-03-21T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0672-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5391", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-9213"], "modified": "2020-02-03T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_104-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_104-xen", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_107-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_107-xen", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_85-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_85-xen", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_88-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_88-xen", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_93-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_93-xen", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_96-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_96-xen", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_99-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_99-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0672-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123000", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0672-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123000);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/02/03\");\n\n script_cve_id(\"CVE-2018-5391\", \"CVE-2019-6974\", \"CVE-2019-7221\", \"CVE-2019-9213\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0672-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.74-60_64_104 fixes several\nissues.\n\nThe following security issues were fixed :\n\nCVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the\nmmap minimum address, which made it easier for attackers to exploit\nkernel NULL pointer dereferences on non-SMAP platforms. This is\nrelated to a capability check for the wrong task (bsc#1128378).\n\nCVE-2019-7221: Fixed a user-after-free vulnerability in the KVM\nhypervisor related to the emulation of a preemption timer, allowing an\nguest user/process to crash the host kernel. (bsc#1124734).\n\nCVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c\nmishandled reference counting because of a race condition, leading to\na use-after-free (bsc#1124729).\n\nCVE-2018-5391: The Linux kernel was vulnerable to a denial of service\nattack with low rates of specially modified packets targeting IP\nfragment re-assembly. An attacker might have caused a denial of\nservice condition by sending specially crafted IP fragments. Various\nvulnerabilities in IP fragmentation have been discovered and fixed\nover the years. The current vulnerability (CVE-2018-5391) became\nexploitable in the Linux kernel with the increase of the IP fragment\nreassembly queue size (bsc#1103098).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103098\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124729\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124734\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128378\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-5391/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6974/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-7221/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9213/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190672-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?569e099c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2019-668=1 SUSE-SLE-SAP-12-SP1-2019-669=1\nSUSE-SLE-SAP-12-SP1-2019-670=1 SUSE-SLE-SAP-12-SP1-2019-671=1\nSUSE-SLE-SAP-12-SP1-2019-672=1 SUSE-SLE-SAP-12-SP1-2019-673=1\nSUSE-SLE-SAP-12-SP1-2019-674=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2019-668=1 SUSE-SLE-SERVER-12-SP1-2019-669=1\nSUSE-SLE-SERVER-12-SP1-2019-670=1 SUSE-SLE-SERVER-12-SP1-2019-671=1\nSUSE-SLE-SERVER-12-SP1-2019-672=1 SUSE-SLE-SERVER-12-SP1-2019-673=1\nSUSE-SLE-SERVER-12-SP1-2019-674=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-6974\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) rds_atomic_free_op NULL pointer dereference Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_104-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_104-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_107-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_107-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_85-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_85-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_88-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_88-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_93-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_93-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_96-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_96-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_99-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_99-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_104-default-6-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_104-xen-6-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_107-default-6-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_107-xen-6-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_85-default-12-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_85-xen-12-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_88-default-10-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_88-xen-10-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_93-default-9-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_93-xen-9-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_96-default-9-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_96-xen-9-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_99-default-8-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_99-xen-8-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T15:47:27", "description": "The SUSE Linux Enterprise 12 SP3 Azure kernel was updated to 4.4.176 to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2019-2024: A use-after-free when disconnecting a source was fixed which could lead to crashes. bnc#1129179).\n\nCVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bnc#1128166).\n\nCVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free. (bnc#1124728)\n\nCVE-2019-3459, CVE-2019-3460: The Bluetooth stack suffered from two remote information leak vulnerabilities in the code that handles incoming L2cap configuration packets (bsc#1120758).\n\nCVE-2019-7221: Fixed a use-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124732).\n\nCVE-2019-7222: Fixed an information leakage in the KVM hypervisor related to handling page fault exceptions, which allowed a guest user/process to use this flaw to leak the host's stack memory contents to a guest (bsc#1124735).\n\nCVE-2017-18249: The add_free_nid function in fs/f2fs/node.c did not properly track an allocated nid, which allowed local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads (bnc#1087036).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-04-09T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0901-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18249", "CVE-2019-2024", "CVE-2019-3459", "CVE-2019-3460", "CVE-2019-6974", "CVE-2019-7221", "CVE-2019-7222", "CVE-2019-9213"], "modified": "2022-05-20T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-azure", "p-cpe:/a:novell:suse_linux:kernel-azure-base", "p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-azure-debugsource", "p-cpe:/a:novell:suse_linux:kernel-azure-devel", "p-cpe:/a:novell:suse_linux:kernel-syms-azure", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0901-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123927", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0901-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123927);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/20\");\n\n script_cve_id(\n \"CVE-2017-18249\",\n \"CVE-2019-2024\",\n \"CVE-2019-3459\",\n \"CVE-2019-3460\",\n \"CVE-2019-6974\",\n \"CVE-2019-7221\",\n \"CVE-2019-7222\",\n \"CVE-2019-9213\"\n );\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0901-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The SUSE Linux Enterprise 12 SP3 Azure kernel was updated to 4.4.176\nto receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\nCVE-2019-2024: A use-after-free when disconnecting a source was fixed\nwhich could lead to crashes. bnc#1129179).\n\nCVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the\nmmap minimum address, which made it easier for attackers to exploit\nkernel NULL pointer dereferences on non-SMAP platforms. This is\nrelated to a capability check for the wrong task (bnc#1128166).\n\nCVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c\nmishandled reference counting because of a race condition, leading to\na use-after-free. (bnc#1124728)\n\nCVE-2019-3459, CVE-2019-3460: The Bluetooth stack suffered from two\nremote information leak vulnerabilities in the code that handles\nincoming L2cap configuration packets (bsc#1120758).\n\nCVE-2019-7221: Fixed a use-after-free vulnerability in the KVM\nhypervisor related to the emulation of a preemption timer, allowing an\nguest user/process to crash the host kernel. (bsc#1124732).\n\nCVE-2019-7222: Fixed an information leakage in the KVM hypervisor\nrelated to handling page fault exceptions, which allowed a guest\nuser/process to use this flaw to leak the host's stack memory contents\nto a guest (bsc#1124735).\n\nCVE-2017-18249: The add_free_nid function in fs/f2fs/node.c did not\nproperly track an allocated nid, which allowed local users to cause a\ndenial of service (race condition) or possibly have unspecified other\nimpact via concurrent threads (bnc#1087036).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012382\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020413\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1023175\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031492\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1042286\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1050549\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1065600\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1070767\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1075697\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1078355\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082943\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086095\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086652\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087036\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087092\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1090435\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1094823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1099810\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1102875\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1102877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1102879\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1102882\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1102896\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1102959\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103429\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1105428\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106061\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106105\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1106929\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1107866\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109137\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109248\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1109695\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1114893\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116345\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1116653\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1117744\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119680\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1119843\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120017\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120691\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120758\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121713\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121726\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1122650\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1122651\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1122779\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1122885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123321\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123323\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123357\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1123933\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124235\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124728\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124732\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124735\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124775\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124777\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124780\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124811\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125000\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125315\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125446\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125794\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125796\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125810\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125892\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126772\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126773\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127082\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127155\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127725\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127731\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127961\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128452\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128565\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128696\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128756\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128893\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129179\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129237\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129238\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129239\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129240\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129241\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129413\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129414\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129415\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129416\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129417\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129418\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129419\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129581\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129770\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1129923\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-18249/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-2024/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-3459/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-3460/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-6974/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-7221/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-7222/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-9213/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190901-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fced5977\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-901=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2024\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-6974\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Reliable Datagram Sockets (RDS) rds_atomic_free_op NULL pointer dereference Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-azure-4.4.176-4.25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-azure-base-4.4.176-4.25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-azure-base-debuginfo-4.4.176-4.25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-azure-debuginfo-4.4.176-4.25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-azure-debugsource-4.4.176-4.25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-azure-devel-4.4.176-4.25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-syms-azure-4.4.176-4.25.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:39:21", "description": "The 4.8.7 stable update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2016-11-17T00:00:00", "type": "nessus", "title": "Fedora 24 : kernel (2016-14c4187e3a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8630"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-14C4187E3A.NASL", "href": "https://www.tenable.com/plugins/nessus/94924", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-14c4187e3a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94924);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-8630\");\n script_xref(name:\"FEDORA\", value:\"2016-14c4187e3a\");\n\n script_name(english:\"Fedora 24 : kernel (2016-14c4187e3a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.8.7 stable update contains a number of important fixes across\nthe tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-14c4187e3a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-8630\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2016-14c4187e3a\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"kernel-4.8.7-200.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:38:56", "description": "The 4.8.7 stable kernel update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2016-11-21T00:00:00", "type": "nessus", "title": "Fedora 25 : kernel (2016-876deae183)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8630"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2016-876DEAE183.NASL", "href": "https://www.tenable.com/plugins/nessus/95008", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-876deae183.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95008);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-8630\");\n script_xref(name:\"FEDORA\", value:\"2016-876deae183\");\n\n script_name(english:\"Fedora 25 : kernel (2016-876deae183)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.8.7 stable kernel update contains a number of important fixes\nacross the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-876deae183\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-8630\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2016-876deae183\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"kernel-4.8.7-300.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-06-16T16:23:05", "description": "This update for xen fixes several issues. These security issues were fixed :\n\n - CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4 (bsc#1092631).\n\n - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754: Improved Spectre v2 mitigations (bsc#1074562). bsc#1027519\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.6, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"}, "published": "2018-06-11T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : xen (SUSE-SU-2018:1603-1) (Meltdown) (Spectre)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754", "CVE-2018-3639"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-doc-html", "p-cpe:/a:novell:suse_linux:xen-kmp-default", "p-cpe:/a:novell:suse_linux:xen-kmp-pae", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen-tools", "p-cpe:/a:novell:suse_linux:xen-tools-domU", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2018-1603-1.NASL", "href": "https://www.tenable.com/plugins/nessus/110444", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1603-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110444);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-5715\", \"CVE-2017-5753\", \"CVE-2017-5754\", \"CVE-2018-3639\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n script_xref(name:\"IAVA\", value:\"2018-A-0020\");\n\n script_name(english:\"SUSE SLES11 Security Update : xen (SUSE-SU-2018:1603-1) (Meltdown) (Spectre)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for xen fixes several issues. These security issues were\nfixed :\n\n - CVE-2018-3639: Prevent attackers with local user access\n from extracting information via a side-channel analysis,\n aka Speculative Store Bypass (SSB), Variant 4\n (bsc#1092631).\n\n - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754: Improved\n Spectre v2 mitigations (bsc#1074562). bsc#1027519\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1027519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1074562\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1092631\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5715/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5753/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5754/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-3639/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181603-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5909a83d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-xen-13647=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-xen-13647=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-xen-13647=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/11\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"i386|i486|i586|i686|x86_64\") audit(AUDIT_ARCH_NOT, \"i386 / i486 / i586 / i686 / x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-default-4.4.4_32_3.0.101_108.52-61.29.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-4.4.4_32-61.29.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.4.4_32-61.29.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-4.4.4_32-61.29.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-doc-html-4.4.4_32-61.29.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.4.4_32-61.29.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-tools-4.4.4_32-61.29.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-pae-4.4.4_32_3.0.101_108.52-61.29.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-default-4.4.4_32_3.0.101_108.52-61.29.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"xen-libs-4.4.4_32-61.29.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"xen-tools-domU-4.4.4_32-61.29.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-pae-4.4.4_32_3.0.101_108.52-61.29.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2022-06-16T16:23:46", "description": "This update for xen to version 4.10.1 fixes several issues (bsc#1027519).\n\nThese security issues were fixed :\n\n - CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4 (bsc#1092631).\n\n - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754: Improved Spectre v2 mitigations (bsc#1074562).\n\nThis non-security issue was fixed :\n\n - Always call qemus xen-save-devices-state in suspend/resume to fix migration with qcow2 images (bsc#1079730)", "cvss3": {"score": 5.6, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"}, "published": "2018-06-11T00:00:00", "type": "nessus", "title": "openSUSE Security Update : xen (openSUSE-2018-599) (Meltdown) (Spectre)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754", "CVE-2018-3639"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:xen", "p-cpe:/a:novell:opensuse:xen-debugsource", "p-cpe:/a:novell:opensuse:xen-devel", "p-cpe:/a:novell:opensuse:xen-doc-html", "p-cpe:/a:novell:opensuse:xen-libs", "p-cpe:/a:novell:opensuse:xen-libs-32bit", "p-cpe:/a:novell:opensuse:xen-libs-32bit-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo", "p-cpe:/a:novell:opensuse:xen-tools", "p-cpe:/a:novell:opensuse:xen-tools-debuginfo", "p-cpe:/a:novell:opensuse:xen-tools-domU", "p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2018-599.NASL", "href": "https://www.tenable.com/plugins/nessus/110438", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-599.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110438);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-5715\", \"CVE-2017-5753\", \"CVE-2017-5754\", \"CVE-2018-3639\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n script_xref(name:\"IAVA\", value:\"2018-A-0020\");\n\n script_name(english:\"openSUSE Security Update : xen (openSUSE-2018-599) (Meltdown) (Spectre)\");\n script_summary(english:\"Check for the openSUSE-2018-599 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for xen to version 4.10.1 fixes several issues\n(bsc#1027519).\n\nThese security issues were fixed :\n\n - CVE-2018-3639: Prevent attackers with local user access\n from extracting information via a side-channel analysis,\n aka Speculative Store Bypass (SSB), Variant 4\n (bsc#1092631).\n\n - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754: Improved\n Spectre v2 mitigations (bsc#1074562).\n\nThis non-security issue was fixed :\n\n - Always call qemus xen-save-devices-state in\n suspend/resume to fix migration with qcow2 images\n (bsc#1079730)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1027519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1074562\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1079730\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1092631\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xen packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/09\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/11\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"xen-debugsource-4.10.1_04-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"xen-devel-4.10.1_04-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"xen-libs-4.10.1_04-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"xen-libs-debuginfo-4.10.1_04-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"xen-tools-domU-4.10.1_04-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"xen-tools-domU-debuginfo-4.10.1_04-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"xen-4.10.1_04-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"xen-doc-html-4.10.1_04-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.10.1_04-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"xen-libs-32bit-debuginfo-4.10.1_04-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"xen-tools-4.10.1_04-lp150.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.10.1_04-lp150.2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen / xen-debugsource / xen-devel / xen-doc-html / xen-libs / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2022-06-16T16:25:40", "description": "This update for libvirt fixes the following issues: Security issues fixed :\n\n - CVE-2017-5715: Fixes for speculative side channel attacks aka 'SpectreAttack' (var2) (bsc#1079869).\n\n - CVE-2018-3639: Add support for 'ssbd' and 'virt-ssbd' CPUID feature bits to address V4 Speculative Store Bypass aka 'Memory Disambiguation' (bsc#1092885).\n\n - CVE-2018-1064: Fix denial of service problem during reading from guest agent (bsc#1083625).\n\n - CVE-2018-5748: Fix resource exhaustion via qemuMonitorIORead() method (bsc#1076500).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2018-07-30T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : libvirt (SUSE-SU-2018:2082-1) (Spectre)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5715", "CVE-2018-1064", "CVE-2018-3639", "CVE-2018-5748"], "modified": "2019-09-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libvirt", "p-cpe:/a:novell:suse_linux:libvirt-client", "p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage", "p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-debuginfo", "p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc", "p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu", "p-cpe:/a:novell:suse_linux:libvirt-daemon-xen", "p-cpe:/a:novell:suse_linux:libvirt-debugsource", "p-cpe:/a:novell:suse_linux:libvirt-doc", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock", "p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-2082-1.NASL", "href": "https://www.tenable.com/plugins/nessus/111434", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:2082-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111434);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/09/10 13:51:48\");\n\n script_cve_id(\"CVE-2017-5715\", \"CVE-2018-1064\", \"CVE-2018-3639\", \"CVE-2018-5748\");\n script_xref(name:\"IAVA\", value:\"2018-A-0020\");\n\n script_name(english:\"SUSE SLES12 Security Update : libvirt (SUSE-SU-2018:2082-1) (Spectre)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libvirt fixes the following issues: Security issues\nfixed :\n\n - CVE-2017-5715: Fixes for speculative side channel\n attacks aka 'SpectreAttack' (var2) (bsc#1079869).\n\n - CVE-2018-3639: Add support for 'ssbd' and 'virt-ssbd'\n CPUID feature bits to address V4 Speculative Store\n Bypass aka 'Memory Disambiguation' (bsc#1092885).\n\n - CVE-2018-1064: Fix denial of service problem during\n reading from guest agent (bsc#1083625).\n\n - CVE-2018-5748: Fix resource exhaustion via\n qemuMonitorIORead() method (bsc#1076500).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076500\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1079869\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083625\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1092885\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5715/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1064/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-3639/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-5748/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20182082-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5b404fbb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2018-1417=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2018-1417=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:ND/RC:ND\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:X/RC:X\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-config-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-interface-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-libxl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-lxc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-network-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nodedev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-nwfilter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-qemu-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-secret-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-driver-storage-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-lxc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-qemu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-daemon-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libvirt-lock-sanlock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/30\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"libvirt-daemon-driver-libxl-debuginfo-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"libvirt-daemon-xen-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-client-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-client-debuginfo-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-config-network-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-config-nwfilter-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-debuginfo-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-driver-interface-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-driver-interface-debuginfo-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-driver-lxc-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-driver-lxc-debuginfo-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-driver-network-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-driver-network-debuginfo-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-driver-nodedev-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-driver-nodedev-debuginfo-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-driver-nwfilter-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-driver-nwfilter-debuginfo-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-driver-qemu-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-driver-qemu-debuginfo-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-driver-secret-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-driver-secret-debuginfo-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-driver-storage-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-driver-storage-debuginfo-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-lxc-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-daemon-qemu-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-debugsource-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-doc-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-lock-sanlock-1.2.18.4-22.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libvirt-lock-sanlock-debuginfo-1.2.18.4-22.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-16T16:23:43", "description": "This update for xen fixes several issues. These security issues were fixed :\n\n - CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4 (bsc#1092631).\n\n - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754: Improved Spectre v2 mitigations (bsc#1074562).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.6, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"}, "published": "2018-06-13T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : xen (SUSE-SU-2018:1658-1) (Meltdown) (Spectre)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754", "CVE-2018-3639"], "modified": "2021-04-15T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-debugsource", "p-cpe:/a:novell:suse_linux:xen-doc-html", "p-cpe:/a:novell:suse_linux:xen-kmp-default", "p-cpe:/a:novell:suse_linux:xen-kmp-default-debuginfo", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen-libs-debuginfo", "p-cpe:/a:novell:suse_linux:xen-tools", "p-cpe:/a:novell:suse_linux:xen-tools-debuginfo", "p-cpe:/a:novell:suse_linux:xen-tools-domU", "p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-1658-1.NASL", "href": "https://www.tenable.com/plugins/nessus/110509", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1658-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110509);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/15\");\n\n script_cve_id(\"CVE-2017-5715\", \"CVE-2017-5753\", \"CVE-2017-5754\", \"CVE-2018-3639\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n script_xref(name:\"IAVA\", value:\"2018-A-0020\");\n\n script_name(english:\"SUSE SLES12 Security Update : xen (SUSE-SU-2018:1658-1) (Meltdown) (Spectre)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for xen fixes several issues. These security issues were\nfixed :\n\n - CVE-2018-3639: Prevent attackers with local user access\n from extracting information via a side-channel analysis,\n aka Speculative Store Bypass (SSB), Variant 4\n (bsc#1092631).\n\n - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754: Improved\n Spectre v2 mitigations (bsc#1074562).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1074562\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1092631\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5715/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5753/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5754/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-3639/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181658-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2e8dccca\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2018-1129=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-4.4.4_32-22.68.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-debugsource-4.4.4_32-22.68.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-doc-html-4.4.4_32-22.68.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-kmp-default-4.4.4_32_k3.12.61_52.133-22.68.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-kmp-default-debuginfo-4.4.4_32_k3.12.61_52.133-22.68.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.4.4_32-22.68.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-libs-4.4.4_32-22.68.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.4.4_32-22.68.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-4.4.4_32-22.68.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-tools-4.4.4_32-22.68.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.4.4_32-22.68.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.4.4_32-22.68.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"xen-tools-domU-debuginfo-4.4.4_32-22.68.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2022-06-16T16:24:21", "description": "This update for xen fixes several issues. This feature was added :\n\n - Added support for qemu monitor command These security issues were fixed :\n\n - CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4 (bsc#1092631).\n\n - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754: Improved Spectre v2 mitigations (bsc#1074562).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.6, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"}, "published": "2018-06-18T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : xen (SUSE-SU-2018:1699-1) (Meltdown) (Spectre)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754", "CVE-2018-3639"], "modified": "2021-04-15T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-debugsource", "p-cpe:/a:novell:suse_linux:xen-doc-html", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen-libs-debuginfo", "p-cpe:/a:novell:suse_linux:xen-tools", "p-cpe:/a:novell:suse_linux:xen-tools-debuginfo", "p-cpe:/a:novell:suse_linux:xen-tools-domU", "p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-1699-1.NASL", "href": "https://www.tenable.com/plugins/nessus/110596", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1699-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110596);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/15\");\n\n script_cve_id(\"CVE-2017-5715\", \"CVE-2017-5753\", \"CVE-2017-5754\", \"CVE-2018-3639\");\n script_xref(name:\"IAVA\", value:\"2018-A-0019\");\n script_xref(name:\"IAVA\", value:\"2018-A-0020\");\n\n script_name(english:\"SUSE SLES12 Security Update : xen (SUSE-SU-2018:1699-1) (Meltdown) (Spectre)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for xen fixes several issues. This feature was added :\n\n - Added support for qemu monitor command These security\n issues were fixed :\n\n - CVE-2018-3639: Prevent attackers with local user access\n from extracting information via a side-channel analysis,\n aka Speculative Store Bypass (SSB), Variant 4\n (bsc#1092631).\n\n - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754: Improved\n Spectre v2 mitigations (bsc#1074562).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1027519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1074562\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086039\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1092631\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5715/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5753/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5754/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-3639/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181699-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8a307bb8\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2018-1142=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2018-1142=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-1142=1\n\nSUSE Enterprise Storage 4:zypper in -t patch\nSUSE-Storage-4-2018-1142=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/18\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-debugsource-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-doc-html-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-domU-debuginfo-4.7.5_04-43.33.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2022-06-16T16:31:53", "description": "This update for xen fixes several issues.\n\nThis feature was added :\n\nAdded support for qemu monitor command\n\nThese security issues were fixed: CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4 (bsc#1092631).\n\nCVE-2017-5753,CVE-2017-5715,CVE-2017-5754: Improved Spectre v2 mitigations (bsc#1074562).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.6, "vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"}, "published": "2018-10-22T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : xen (SUSE-SU-2018:1699-2) (Meltdown) (Spectre)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754", "CVE-2018-3639"], "modified": "2021-04-15T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-debugsource", "p-cpe:/a:novell:suse_linux:xen-doc-html", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen-libs-debuginfo", "p-cpe:/a:novell:suse_linux:xen-tools", "p-cpe:/a:novell:suse_linux:xen-tools-debuginfo", "p-cpe:/a:novell:suse_linux:xen-tools-domU", "p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-1699-2.NASL", "href": "https://www.tenable.com/plugins/nessus/118266", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1699-2.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118266);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/15\");\n\n script_cve_id(\"CVE-2017-5715\", \"CVE-2017-5753\", \"CVE-2017-5754\", \"CVE-2018-3639\");\n\n script_name(english:\"SUSE SLES12 Security Update : xen (SUSE-SU-2018:1699-2) (Meltdown) (Spectre)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for xen fixes several issues.\n\nThis feature was added :\n\nAdded support for qemu monitor command\n\nThese security issues were fixed: CVE-2018-3639: Prevent attackers\nwith local user access from extracting information via a side-channel\nanalysis, aka Speculative Store Bypass (SSB), Variant 4 (bsc#1092631).\n\nCVE-2017-5753,CVE-2017-5715,CVE-2017-5754: Improved Spectre v2\nmitigations (bsc#1074562).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1027519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1074562\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086039\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1092631\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5715/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5753/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5754/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-3639/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181699-2/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ac4a934f\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2018-1142=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/01/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/22\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-debugsource-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-doc-html-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.7.5_04-43.33.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-domU-debuginfo-4.7.5_04-43.33.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2022-06-16T16:18:51", "description": "This update for xen to version 4.10.1 fixes several issues (bsc#1027519).\n\nThese security issues were fixed :\n\n - CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4 (bsc#1092631).\n\n - CVE-2017-5753,CVE-2017-5715,CVE-2017-5754: Improved Spectre v2 mitigations (bsc#1074562).\n\nThis non-security issue was fixed :\n\n - Always call qemus xen-save-devices-state in suspend/resume to fix migration with qcow2 images (bsc#1079730)", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-03-27T00:00:00", "type": "nessus", "title": "openSUSE Security Update : xen (openSUSE-2019-418) (Meltdown) (Spectre)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-5715", "CVE-2017-5753", "CVE-2017-5754", "CVE-2018-3639"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:xen", "p-cpe:/a:novell:opensuse:xen-debugsource", "p-cpe:/a:novell:opensuse:xen-devel", "p-cpe:/a:novell:opensuse:xen-doc-html", "p-cpe:/a:novell:opensuse:xen-libs", "p-cpe:/a:novell:opensuse:xen-libs-32bit", "p-cpe:/a:novell:opensuse:xen-libs-32bit-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo", "p-cpe:/a:novell:opensuse:xen-tools", "p-cpe:/a:novell:opensuse:xen-tools-debuginfo", "p-cpe:/a:novell:opensuse:xen-tools-domU", "p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-418.NASL", "href": "https://www.tenable.com/plugins/nessus/123180", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-418.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123180);\n script_version(\"1.6\");\n script_set