EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1482)

2019-05-13T00:00:00

Description

According to the versions of the kernel - An information-leak vulnerability was found in the - crypto/pcrypt.c in the Linux kernel, before 4.14.13, - An elevation of privilege vulnerability in the Qualcomm Android. Versions: N/A. Android ID: A-32835279. References: QC-CR#1096945.(CVE-2017-0523i1/4%0 - The saa7164_bus_get function in drivers/media/pci - A flaw was found in the way the Linux kernel's splice() - The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c - In fs/ocfs2/cluster/nodemanager.c in the Linux kernel - A race condition issue leading to a use-after-free flaw - An exploitable memory corruption flaw was found in the - A security flaw was found in the Linux kernel in a way - arch/arm64/ include /asm/pgtable.h in the Linux kernel - A heap-buffer overflow vulnerability was found in the - An issue was discovered in the Linux kernel before - A memory leak in the irda_bind function in - sound/core/timer.c in the Linux kernel before 4.4.1 - Buffer overflow in the complete_emulated_mmio function - An issue was discovered in the F2FS filesystem code in - A vulnerability was found in the Linux kernel where This could result in a system crash or possible - In the Linux kernel's vmw_gb_surface_define_ioctl() - It was found that the NFSv4 server in the Linux kernel Note that Tenable Network Security has extracted packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : kernel when it truncated a file to a smaller size which consisted of an inline extent that was compressed. The data between the new file size and the old file size was not discarded and the number of bytes used by the inode were not correctly decremented, which gave the wrong report for callers of the stat(2) syscall. This wasted metadata space and allowed for the truncated data to be leaked, and data corruption or loss to occur. A caller of the clone ioctl could exploit this flaw by using only standard file-system operations without root access to read the truncated data.(CVE-2015-8374i1/4%0 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.(CVE-2017-18075i1/4%0 Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: /saa7164/saa7164-bus.c in the Linux kernel through 4.10.14 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability.(CVE-2017-8831i1/4%0 system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system.(CVE-2014-7822i1/4%0 in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections allowing local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call.(CVE-2017-5577i1/4%0 before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used.(CVE-2017-18216i1/4%0 was found in the way the raw packet sockets implementation in the Linux kernel networking subsystem handled synchronization while creating the TPACKET_V3 ring buffer. A local user able to open a raw packet socket (requires the CAP_NET_RAW capability) could use this flaw to elevate their privileges on the system.(CVE-2016-8655i1/4%0 Linux kernel. The append path can be erroneously switched from UFO to non-UFO in ip_ufo_append_data() when building an UFO packet with MSG_MORE option. If unprivileged user namespaces are available, this flaw can be exploited to gain root privileges.(CVE-2017-1000112i1/4%0 that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.(CVE-2018-16862i1/4%0 before 3.15-rc5-next-20140519, as used in Android before 2016-07-05 on Nexus 5X and 6P devices, mishandles execute-only pages, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28557020.(CVE-2014-9803i1/4%0 arcmsr_iop_message_xfer() function in 'drivers/scsi/arcmsr/arcmsr_hba.c' file in the Linux kernel through 4.8.2. The function does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code. This can potentially cause kernel heap corruption and arbitrary kernel code execution.(CVE-2016-7425i1/4%0 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next fields via an SIOCFINDIPDDPRT ioctl call.(CVE-2018-20511i1/4%0 net/irda/af_irda.c in the Linux kernel, through 4.16, allows local users to cause a denial of service due to a memory consumption by repeatedly binding an AF_IRDA socket.(CVE-2018-6554i1/4%0 employs a locking approach that does not consider slave timer instances, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call.(CVE-2016-2547i1/4%0 in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that triggers an invalid memory copy affecting certain cancel_work_item data.(CVE-2014-0049i1/4%0 the Linux kernel in fs/f2fs/inode.c. A denial of service due to a slab out-of-bounds read can occur for a crafted f2fs filesystem image in which FI_EXTRA_ATTR is set in an inode.(CVE-2018-13098i1/4%0 having malicious IP options present would cause the ipv4_pktinfo_prepare() function to drop/free the dst. privilege escalation.(CVE-2017-5970i1/4%0 function, in 'drivers/gpu/drm/vmwgfx/vmwgfx_surface.c' file, a 'req-i1/4zmip_levels' is a user-controlled value which is later used as a loop count limit. This allows local unprivileged user to cause a denial of service by a kernel lockup via a crafted ioctl call for a '/dev/dri/renderD*' device.(CVE-2017-7346i1/4%0 did not properly validate layout type when processing NFSv4 pNFS LAYOUTGET and GETDEVICEINFO operands. A remote attacker could use this flaw to soft-lockup the system and thus cause denial of service.(CVE-2017-8797i1/4%0 the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

{"id": "EULEROS_SA-2019-1482.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1482)", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - An information-leak vulnerability was found in the kernel when it truncated a file to a smaller size which consisted of an inline extent that was compressed. The data between the new file size and the old file size was not discarded and the number of bytes used by the inode were not correctly decremented, which gave the wrong report for callers of the stat(2) syscall. This wasted metadata space and allowed for the truncated data to be leaked, and data corruption or loss to occur. A caller of the clone ioctl could exploit this flaw by using only standard file-system operations without root access to read the truncated data.(CVE-2015-8374i1/4%0\n\n - crypto/pcrypt.c in the Linux kernel, before 4.14.13, mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.(CVE-2017-18075i1/4%0\n\n - An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product:\n Android. Versions: N/A. Android ID: A-32835279.\n References: QC-CR#1096945.(CVE-2017-0523i1/4%0\n\n - The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.10.14 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability.(CVE-2017-8831i1/4%0\n\n - A flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system.(CVE-2014-7822i1/4%0\n\n - The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections allowing local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call.(CVE-2017-5577i1/4%0\n\n - In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used.(CVE-2017-18216i1/4%0\n\n - A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets implementation in the Linux kernel networking subsystem handled synchronization while creating the TPACKET_V3 ring buffer. A local user able to open a raw packet socket (requires the CAP_NET_RAW capability) could use this flaw to elevate their privileges on the system.(CVE-2016-8655i1/4%0\n\n - An exploitable memory corruption flaw was found in the Linux kernel. The append path can be erroneously switched from UFO to non-UFO in ip_ufo_append_data() when building an UFO packet with MSG_MORE option. If unprivileged user namespaces are available, this flaw can be exploited to gain root privileges.(CVE-2017-1000112i1/4%0\n\n - A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.(CVE-2018-16862i1/4%0\n\n - arch/arm64/ include /asm/pgtable.h in the Linux kernel before 3.15-rc5-next-20140519, as used in Android before 2016-07-05 on Nexus 5X and 6P devices, mishandles execute-only pages, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28557020.(CVE-2014-9803i1/4%0\n\n - A heap-buffer overflow vulnerability was found in the arcmsr_iop_message_xfer() function in 'drivers/scsi/arcmsr/arcmsr_hba.c' file in the Linux kernel through 4.8.2. The function does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code. This can potentially cause kernel heap corruption and arbitrary kernel code execution.(CVE-2016-7425i1/4%0\n\n - An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next fields via an SIOCFINDIPDDPRT ioctl call.(CVE-2018-20511i1/4%0\n\n - A memory leak in the irda_bind function in net/irda/af_irda.c in the Linux kernel, through 4.16, allows local users to cause a denial of service due to a memory consumption by repeatedly binding an AF_IRDA socket.(CVE-2018-6554i1/4%0\n\n - sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call.(CVE-2016-2547i1/4%0\n\n - Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that triggers an invalid memory copy affecting certain cancel_work_item data.(CVE-2014-0049i1/4%0\n\n - An issue was discovered in the F2FS filesystem code in the Linux kernel in fs/f2fs/inode.c. A denial of service due to a slab out-of-bounds read can occur for a crafted f2fs filesystem image in which FI_EXTRA_ATTR is set in an inode.(CVE-2018-13098i1/4%0\n\n - A vulnerability was found in the Linux kernel where having malicious IP options present would cause the ipv4_pktinfo_prepare() function to drop/free the dst.\n This could result in a system crash or possible privilege escalation.(CVE-2017-5970i1/4%0\n\n - In the Linux kernel's vmw_gb_surface_define_ioctl() function, in 'drivers/gpu/drm/vmwgfx/vmwgfx_surface.c' file, a 'req-i1/4zmip_levels' is a user-controlled value which is later used as a loop count limit. This allows local unprivileged user to cause a denial of service by a kernel lockup via a crafted ioctl call for a '/dev/dri/renderD*' device.(CVE-2017-7346i1/4%0\n\n - It was found that the NFSv4 server in the Linux kernel did not properly validate layout type when processing NFSv4 pNFS LAYOUTGET and GETDEVICEINFO operands. A remote attacker could use this flaw to soft-lockup the system and thus cause denial of service.(CVE-2017-8797i1/4%0\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2019-05-13T00:00:00", "modified": "2021-02-09T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/124806", "reporter": "This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6554", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8374", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000112", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5577", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5970", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0049", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16862", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8831", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20511", "http://www.nessus.org/u?e3610568", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13098", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18075", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7822", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8655", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2547", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7425", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0523", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18216", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7346", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8797", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9803"], "cvelist": ["CVE-2014-0049", "CVE-2014-7822", "CVE-2014-9803", "CVE-2015-8374", "CVE-2016-2547", "CVE-2016-7425", "CVE-2016-8655", "CVE-2017-0523", "CVE-2017-1000112", "CVE-2017-18075", "CVE-2017-18216", "CVE-2017-5577", "CVE-2017-5970", "CVE-2017-7346", "CVE-2017-8797", "CVE-2017-8831", "CVE-2018-13098", "CVE-2018-16862", "CVE-2018-20511", "CVE-2018-6554"], "immutableFields": [], "lastseen": "2021-09-24T12:30:43", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2015-476", "ALAS-2016-772", "ALAS-2017-805", "ALAS-2017-868", "ALAS-2017-870", "ALAS-2018-1133", "ALAS2-2018-1133"]}, {"type": "androidsecurity", "idList": ["ANDROID:2016-07-01", "ANDROID:2017-03-01", "ANDROID:2017-07-01"]}, {"type": "archlinux", "idList": ["ASA-201612-5", "ASA-201612-6", "ASA-201612-7", "ASA-201612-8"]}, {"type": "centos", "idList": ["CESA-2015:0102", "CESA-2015:0164", "CESA-2015:0674", "CESA-2016:2574", "CESA-2017:0386", "CESA-2017:1842", "CESA-2017:2930", "CESA-2017:3200"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2017-0789"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:01D42C16D02067C2EABD907705968B25", "CFOUNDRY:17EB437F0AC67627647723802F6641F5", "CFOUNDRY:2AA1F360A02E665F9D2B19AB7EF0CAA9", "CFOUNDRY:3021E4215989A1024954356EA766D914", "CFOUNDRY:40058483A2E2195544934D494FF464F7", "CFOUNDRY:55CD35F3011A699D7E30AD5252951E34", "CFOUNDRY:90693B873E1E97B4D1CACB5D7BD374ED", "CFOUNDRY:C4D044657909D168617F0C63F623467E", "CFOUNDRY:DFAB11FD33D131C30AACDE9F4864FC0F", "CFOUNDRY:E36E8558D6E84664F9D34B4A9E5179AC", "CFOUNDRY:EA45FD03FD447E186F125FC46918DCD9"]}, {"type": "cve", "idList": ["CVE-2014-0049", "CVE-2014-7822", "CVE-2014-9803", "CVE-2015-8374", "CVE-2016-2438", "CVE-2016-2547", "CVE-2016-7425", "CVE-2016-8655", "CVE-2017-0523", "CVE-2017-1000111", "CVE-2017-1000112", "CVE-2017-18075", "CVE-2017-18216", "CVE-2017-5577", "CVE-2017-5970", "CVE-2017-7346", "CVE-2017-8797", "CVE-2017-8813", "CVE-2017-8831", "CVE-2018-13098", "CVE-2018-16862", "CVE-2018-20511", "CVE-2018-6554"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1200-1:A0B61", "DEBIAN:DLA-1369-1:33F82", "DEBIAN:DLA-1531-1:834CC", "DEBIAN:DLA-155-1:5E8B0", "DEBIAN:DLA-1715-1:4A3F9", "DEBIAN:DLA-1731-1:D19BD", "DEBIAN:DLA-1731-2:E6E1E", "DEBIAN:DLA-670-1:F2D9C", "DEBIAN:DLA-772-1:EB721", "DEBIAN:DLA-922-1:854C7", "DEBIAN:DSA-3170-1:F6570", "DEBIAN:DSA-3426-1:7C23A", "DEBIAN:DSA-3426-1:AC984", "DEBIAN:DSA-3503-1:23448", "DEBIAN:DSA-3503-1:9DDFA", "DEBIAN:DSA-3696-1:25A5B", "DEBIAN:DSA-3696-1:EEC99", "DEBIAN:DSA-3791-1:0D4D5", "DEBIAN:DSA-3791-1:AE0FD", "DEBIAN:DSA-3927-1:A186E", "DEBIAN:DSA-3927-1:A5DA8", "DEBIAN:DSA-3945-1:532A6", "DEBIAN:DSA-3945-1:A4CC7", "DEBIAN:DSA-3981-1:0F636", "DEBIAN:DSA-3981-1:3AC17", "DEBIAN:DSA-4187-1:481CA", "DEBIAN:DSA-4187-1:E8170", "DEBIAN:DSA-4188-1:B3909", "DEBIAN:DSA-4188-1:E4177", "DEBIAN:DSA-4308-1:A5A75", "DEBIAN:DSA-4308-1:D561A"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-0049", "DEBIANCVE:CVE-2014-7822", "DEBIANCVE:CVE-2014-9803", "DEBIANCVE:CVE-2015-8374", "DEBIANCVE:CVE-2016-2547", "DEBIANCVE:CVE-2016-7425", "DEBIANCVE:CVE-2016-8655", "DEBIANCVE:CVE-2017-1000111", "DEBIANCVE:CVE-2017-1000112", "DEBIANCVE:CVE-2017-18075", "DEBIANCVE:CVE-2017-18216", "DEBIANCVE:CVE-2017-5577", "DEBIANCVE:CVE-2017-5970", "DEBIANCVE:CVE-2017-7346", "DEBIANCVE:CVE-2017-8797", "DEBIANCVE:CVE-2017-8831", "DEBIANCVE:CVE-2018-13098", "DEBIANCVE:CVE-2018-16862", "DEBIANCVE:CVE-2018-20511", "DEBIANCVE:CVE-2018-6554"]}, {"type": "exploitdb", "idList": ["EDB-ID:36743", "EDB-ID:43418", "EDB-ID:44696", "EDB-ID:45147", "EDB-ID:47169", "EDB-ID:47170"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:7C26DD271630EDB66FB520C30E13D873", "EXPLOITPACK:93D47AC26E5DA900EF305FD8DD1D8904", "EXPLOITPACK:A5820DF756E60078D7D5399A134D0CEE", "EXPLOITPACK:D5BBB161063632A8D15C357D43E97C75"]}, {"type": "f5", "idList": ["F5:K11853211", "F5:K17237", "F5:K38472857", "F5:K44309215", "F5:K60104355", "F5:K60250153", "F5:K60742457", "F5:K82300604", "F5:K95005525", "SOL11853211", "SOL17237", "SOL60742457"]}, {"type": "fedora", "idList": ["FEDORA:041196190421", "FEDORA:04868606351B", "FEDORA:0960721640", "FEDORA:0D8242218A", "FEDORA:122AE604D3F9", "FEDORA:131186087E1C", "FEDORA:14809606180F", "FEDORA:1835E22100", "FEDORA:18E4222173", "FEDORA:1AE8521943", "FEDORA:1CAC0608E6F2", "FEDORA:1CCC322073", "FEDORA:20DCB60779B2", "FEDORA:22D77604972B", "FEDORA:23B6E225A0", "FEDORA:2417521BFF", "FEDORA:250CB6087A80", "FEDORA:26C5127E25", "FEDORA:26DF321BA7", "FEDORA:2784A21C29", "FEDORA:2836F613193B", "FEDORA:28A7021A1E", "FEDORA:296826040AED", "FEDORA:2A0322BA2C", "FEDORA:2BA602158D", "FEDORA:2CDD76006271", "FEDORA:2EEE52123F", "FEDORA:2F13360877A3", "FEDORA:3060D60E9A21", "FEDORA:3266960F0E44", "FEDORA:33D8860877E1", "FEDORA:39B5660877A6", "FEDORA:3C2FF6014B8C", "FEDORA:3C394606D98F", "FEDORA:3D3EF633571E", "FEDORA:41B546014626", "FEDORA:41D1B604B3B3", "FEDORA:4359160906D1", "FEDORA:44065605602A", "FEDORA:45042604D166", "FEDORA:4A22960A514A", "FEDORA:4CEF5610D7CA", "FEDORA:4CF35608BFEA", "FEDORA:4D5AD601FDAC", "FEDORA:511986124F82", "FEDORA:511A7608E6E1", "FEDORA:5160A6047324", "FEDORA:54CE66014B8C", "FEDORA:57F742243A", "FEDORA:5A4D662AE22C", "FEDORA:5B68260A5858", "FEDORA:648496077DD1", "FEDORA:690DE6022BA8", "FEDORA:6A93C20D15", "FEDORA:6B66A6047312", "FEDORA:6B6B360567FC", "FEDORA:6E67663233DB", "FEDORA:6F1BC604D0C1", "FEDORA:756F822091", "FEDORA:7734E613B647", "FEDORA:79A0B6175384", "FEDORA:79EAC605FC25", "FEDORA:7C149604D4D2", "FEDORA:84C4E22D8F", "FEDORA:85FBF6076011", "FEDORA:89C9C6051B3A", "FEDORA:8C61D2154D", "FEDORA:8E01360DC908", "FEDORA:8FD3E60491BA", "FEDORA:9330A21FE6", "FEDORA:93C27603B29E", "FEDORA:95A686085F81", "FEDORA:98E8F6079A11", "FEDORA:9AEA46074A7D", "FEDORA:9D83A60EFF4F", "FEDORA:9E3D9606D195", "FEDORA:9FA6021249", "FEDORA:A4C8660C350E", "FEDORA:A8B9960C251A", "FEDORA:B72CD214AC", "FEDORA:B7617604D9DA", "FEDORA:B81A721D1C", "FEDORA:B83986079D12", "FEDORA:B87B460876BA", "FEDORA:BBFE360460D0", "FEDORA:BD35260BC96F", "FEDORA:BD41660BC2B1", "FEDORA:C26F460906BA", "FEDORA:C35B860CD859", "FEDORA:C49D061F375F", "FEDORA:C4D496071279", "FEDORA:C56CF6087715", "FEDORA:C64AE6007F37", "FEDORA:C6AF860C4240", "FEDORA:CD2C9609392A", "FEDORA:CFDB8604972F", "FEDORA:D15E060F33C2", "FEDORA:D69CC24B48", "FEDORA:DB49F219DE", "FEDORA:DBB1B659CBE0", "FEDORA:DE40F21338", "FEDORA:E37FD60924F1", "FEDORA:E7CE72245B", "FEDORA:E878E60F237D", "FEDORA:E88866014636", "FEDORA:E93AE6077DCD", "FEDORA:F417F60477C5"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:9B79D262B5DA61A7E11F5134B546BA63"]}, {"type": "hackerone", "idList": ["H1:684573"]}, {"type": "ibm", "idList": ["091C926DD3372A48BCEFCA3A598C2A54BAEA4FF0AC1ADA170D539846CF9E0B12", "1DD8AD31B2B7F723FCEA86A5AA6310F75AC2C26DE6A2D73D7EFE783E7CB3CB21", "2ABC4CD376C07922A3144CF8116D979F4BDDE16EED9AADA11262FBF58C851DBF", "475B1D5AA0EDB6A4A0012EA2C2D64B9388A6ACC5779414E8E1A98AC9B641F6AF", "61EAA34D5E4645B71F124164E8135272DB3119CF3ABDC2864377B692FCF87527", "72A14F3E1A05E87987247C3A94DA37A971910E734C842EA2FD4E32CE8B24FCF5", "A18DD1594298170A7AF630CBFFA73E78138125D119FBC5D156128BBBD99A03EC", "AF6E3EC9D5A5C3CF688EF87142347E0688A4AE1CB6831F92326966B86BF2D9C1", "B7EDA2450D13E204B60C3A3E7379E6FCCD587CB32FEB5041ADDA6CB8E3C44FC3", "CD9B5BF488F3327F1A5D08B8A25E9EF90D7304376F44A16FB3F05E06566E80FF", "F092FBBD34304315E258962CA397F72D24D88CD673A181734FDCE39754098484"]}, {"type": "kitploit", "idList": ["KITPLOIT:4462385753504235463"]}, {"type": "lenovo", "idList": ["LENOVO:PS500321-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2014-0206", "MGASA-2014-0207", "MGASA-2014-0208", "MGASA-2014-0228", "MGASA-2014-0229", "MGASA-2014-0234", "MGASA-2014-0235", "MGASA-2014-0236", "MGASA-2014-0237", "MGASA-2014-0238", "MGASA-2016-0411", "MGASA-2016-0412", "MGASA-2016-0415", "MGASA-2017-0003", "MGASA-2017-0004", "MGASA-2017-0063", "MGASA-2017-0064", "MGASA-2017-0065", "MGASA-2017-0278", "MGASA-2017-0279", "MGASA-2017-0287", "MGASA-2017-0288", "MGASA-2017-0296", "MGASA-2017-0309", "MGASA-2018-0373", "MGASA-2018-0374", "MGASA-2018-0419", "MGASA-2018-0487", "MGASA-2019-0098", "MGASA-2019-0171"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-LINUX-LOCAL-AF_PACKET_CHOCOBO_ROOT_PRIV_ESC-", "MSF:EXPLOIT-LINUX-LOCAL-UFO_PRIVILEGE_ESCALATION-"]}, {"type": "myhack58", "idList": ["MYHACK58:62201682103", "MYHACK58:62201783692", "MYHACK58:62201789313"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-1133.NASL", "ALA_ALAS-2015-476.NASL", "ALA_ALAS-2016-772.NASL", "ALA_ALAS-2017-805.NASL", "ALA_ALAS-2017-868.NASL", "ALA_ALAS-2017-870.NASL", "ALA_ALAS-2018-1133.NASL", "CENTOS_RHSA-2015-0102.NASL", "CENTOS_RHSA-2015-0164.NASL", "CENTOS_RHSA-2015-0674.NASL", "CENTOS_RHSA-2016-2574.NASL", "CENTOS_RHSA-2017-0386.NASL", "CENTOS_RHSA-2017-1842.NASL", "CENTOS_RHSA-2017-2930.NASL", "CENTOS_RHSA-2017-3200.NASL", "DEBIAN_DLA-1200.NASL", "DEBIAN_DLA-1369.NASL", "DEBIAN_DLA-1531.NASL", "DEBIAN_DLA-155.NASL", "DEBIAN_DLA-1715.NASL", "DEBIAN_DLA-1731.NASL", "DEBIAN_DLA-670.NASL", "DEBIAN_DLA-772.NASL", "DEBIAN_DLA-922.NASL", "DEBIAN_DSA-3170.NASL", "DEBIAN_DSA-3426-1.NASL", "DEBIAN_DSA-3503.NASL", "DEBIAN_DSA-3696.NASL", "DEBIAN_DSA-3791.NASL", "DEBIAN_DSA-3927.NASL", "DEBIAN_DSA-3945.NASL", "DEBIAN_DSA-3981.NASL", "DEBIAN_DSA-4187.NASL", "DEBIAN_DSA-4188.NASL", "DEBIAN_DSA-4308.NASL", "EULEROS_SA-2017-1256.NASL", "EULEROS_SA-2017-1271.NASL", "EULEROS_SA-2019-1076.NASL", "EULEROS_SA-2019-1156.NASL", "EULEROS_SA-2019-1259.NASL", "EULEROS_SA-2019-1302.NASL", "EULEROS_SA-2019-1303.NASL", "EULEROS_SA-2019-1477.NASL", "EULEROS_SA-2019-1489.NASL", "EULEROS_SA-2019-1492.NASL", "EULEROS_SA-2019-1496.NASL", "EULEROS_SA-2019-1498.NASL", "EULEROS_SA-2019-1502.NASL", "EULEROS_SA-2019-1504.NASL", "EULEROS_SA-2019-1512.NASL", "EULEROS_SA-2019-1587.NASL", "EULEROS_SA-2019-2353.NASL", "EULEROS_SA-2019-2531.NASL", "EULEROS_SA-2019-2599.NASL", "EULEROS_SA-2020-1396.NASL", "EULEROS_SA-2020-2222.NASL", "EULEROS_SA-2021-1808.NASL", "EULEROS_SA-2021-1904.NASL", "EULEROS_SA-2021-2392.NASL", "F5_BIGIP_SOL17237.NASL", "F5_BIGIP_SOL60104355.NASL", "F5_BIGIP_SOL60742457.NASL", "FEDORA_2014-3442.NASL", "FEDORA_2014-3448.NASL", "FEDORA_2015-AC9A19888E.NASL", "FEDORA_2015-C4ED00A68F.NASL", "FEDORA_2016-107F03CC00.NASL", "FEDORA_2016-5AFF4A6BBC.NASL", "FEDORA_2016-5CB5B4082D.NASL", "FEDORA_2016-F3D1F79398.NASL", "FEDORA_2017-0054C7B1F0.NASL", "FEDORA_2017-4336D64E21.NASL", "FEDORA_2017-6CC158C193.NASL", "FEDORA_2017-73F71456D7.NASL", "FEDORA_2017-787BC0D5B4.NASL", "FEDORA_2017-81FBD592D4.NASL", "FEDORA_2018-3857A8B41A.NASL", "FEDORA_2018-87BA0312C2.NASL", "JUNIPER_SPACE_JSA_10838.NASL", "NEWSTART_CGSL_NS-SA-2019-0004_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0143_KERNEL.NASL", "OPENSUSE-2015-301.NASL", "OPENSUSE-2016-1015.NASL", "OPENSUSE-2016-1212.NASL", "OPENSUSE-2016-1227.NASL", "OPENSUSE-2016-1410.NASL", "OPENSUSE-2016-1426.NASL", "OPENSUSE-2016-1428.NASL", "OPENSUSE-2016-1431.NASL", "OPENSUSE-2016-1436.NASL", "OPENSUSE-2017-245.NASL", "OPENSUSE-2017-286.NASL", "OPENSUSE-2017-287.NASL", "OPENSUSE-2017-716.NASL", "OPENSUSE-2017-929.NASL", "OPENSUSE-2017-930.NASL", "OPENSUSE-2018-1016.NASL", "OPENSUSE-2018-1140.NASL", "OPENSUSE-2018-1184.NASL", "OPENSUSE-2019-140.NASL", "OPENSUSE-2019-65.NASL", "OPENSUSE-2019-769.NASL", "ORACLELINUX_ELSA-2014-3034.NASL", "ORACLELINUX_ELSA-2015-0102.NASL", "ORACLELINUX_ELSA-2015-0164.NASL", "ORACLELINUX_ELSA-2015-0674.NASL", "ORACLELINUX_ELSA-2015-1272.NASL", "ORACLELINUX_ELSA-2015-3098.NASL", "ORACLELINUX_ELSA-2016-2574.NASL", "ORACLELINUX_ELSA-2016-3617.NASL", "ORACLELINUX_ELSA-2016-3618.NASL", "ORACLELINUX_ELSA-2017-0386.NASL", "ORACLELINUX_ELSA-2017-1842-1.NASL", "ORACLELINUX_ELSA-2017-1842.NASL", "ORACLELINUX_ELSA-2017-2930-1.NASL", "ORACLELINUX_ELSA-2017-2930.NASL", "ORACLELINUX_ELSA-2017-3200.NASL", "ORACLELINUX_ELSA-2017-3508.NASL", "ORACLELINUX_ELSA-2017-3509.NASL", "ORACLELINUX_ELSA-2017-3533.NASL", "ORACLELINUX_ELSA-2017-3534.NASL", "ORACLELINUX_ELSA-2017-3535.NASL", "ORACLELINUX_ELSA-2017-3567.NASL", "ORACLELINUX_ELSA-2017-3609.NASL", "ORACLELINUX_ELSA-2017-3631.NASL", "ORACLELINUX_ELSA-2017-3632.NASL", "ORACLELINUX_ELSA-2017-3633.NASL", "ORACLELINUX_ELSA-2017-3635.NASL", "ORACLELINUX_ELSA-2017-3636.NASL", "ORACLELINUX_ELSA-2017-3637.NASL", "ORACLELINUX_ELSA-2017-3657.NASL", "ORACLELINUX_ELSA-2017-3658.NASL", "ORACLELINUX_ELSA-2017-3659.NASL", "ORACLELINUX_ELSA-2018-4071.NASL", "ORACLELINUX_ELSA-2018-4134.NASL", "ORACLELINUX_ELSA-2018-4145.NASL", "ORACLELINUX_ELSA-2018-4164.NASL", "ORACLELINUX_ELSA-2019-4570.NASL", "ORACLELINUX_ELSA-2019-4575.NASL", "ORACLELINUX_ELSA-2020-5670.NASL", "ORACLELINUX_ELSA-2021-9473.NASL", "ORACLEVM_OVMSA-2015-0147.NASL", "ORACLEVM_OVMSA-2016-0133.NASL", "ORACLEVM_OVMSA-2016-0158.NASL", "ORACLEVM_OVMSA-2017-0004.NASL", "ORACLEVM_OVMSA-2017-0005.NASL", "ORACLEVM_OVMSA-2017-0056.NASL", "ORACLEVM_OVMSA-2017-0057.NASL", "ORACLEVM_OVMSA-2017-0058.NASL", "ORACLEVM_OVMSA-2017-0106.NASL", "ORACLEVM_OVMSA-2017-0145.NASL", "ORACLEVM_OVMSA-2017-0163.NASL", "ORACLEVM_OVMSA-2017-0167.NASL", "ORACLEVM_OVMSA-2017-0168.NASL", "ORACLEVM_OVMSA-2017-0173.NASL", "ORACLEVM_OVMSA-2017-0174.NASL", "ORACLEVM_OVMSA-2018-0015.NASL", "ORACLEVM_OVMSA-2018-0035.NASL", "ORACLEVM_OVMSA-2018-0231.NASL", "ORACLEVM_OVMSA-2018-0237.NASL", "ORACLEVM_OVMSA-2019-0009.NASL", "ORACLEVM_OVMSA-2020-0019.NASL", "ORACLEVM_OVMSA-2021-0035.NASL", "PHOTONOS_PHSA-2016-0014.NASL", "PHOTONOS_PHSA-2016-0014_LINUX.NASL", "PHOTONOS_PHSA-2017-0011.NASL", "PHOTONOS_PHSA-2017-0011_LINUX.NASL", "PHOTONOS_PHSA-2017-0029.NASL", "PHOTONOS_PHSA-2017-0029_LINUX.NASL", "PHOTONOS_PHSA-2018-1_0-0135.NASL", "PHOTONOS_PHSA-2018-1_0-0135_LINUX.NASL", "REDHAT-RHSA-2015-0102.NASL", "REDHAT-RHSA-2015-0164.NASL", "REDHAT-RHSA-2015-0674.NASL", "REDHAT-RHSA-2015-0694.NASL", "REDHAT-RHSA-2016-2574.NASL", "REDHAT-RHSA-2016-2584.NASL", "REDHAT-RHSA-2017-0386.NASL", "REDHAT-RHSA-2017-0387.NASL", "REDHAT-RHSA-2017-0402.NASL", "REDHAT-RHSA-2017-1842.NASL", "REDHAT-RHSA-2017-2077.NASL", "REDHAT-RHSA-2017-2437.NASL", "REDHAT-RHSA-2017-2669.NASL", "REDHAT-RHSA-2017-2918.NASL", "REDHAT-RHSA-2017-2930.NASL", "REDHAT-RHSA-2017-2931.NASL", "REDHAT-RHSA-2017-3200.NASL", "REDHAT-RHSA-2018-2948.NASL", "REDHAT-RHSA-2019-4159.NASL", "SLACKWARE_SSA_2016-347-01.NASL", "SLACKWARE_SSA_2019-030-01.NASL", "SL_20150128_KERNEL_ON_SL7_X.NASL", "SL_20150210_KERNEL_ON_SL5_X.NASL", "SL_20150311_KERNEL_ON_SL6_X.NASL", "SL_20161103_KERNEL_ON_SL7_X.NASL", "SL_20170302_KERNEL_ON_SL7_X.NASL", "SL_20170801_KERNEL_ON_SL7_X.NASL", "SL_20171019_KERNEL_ON_SL7_X.NASL", "SL_20171115_KERNEL_ON_SL6_X.NASL", "SUSE_11_KERNEL-150306.NASL", "SUSE_SU-2015-0529-1.NASL", "SUSE_SU-2016-0911-1.NASL", "SUSE_SU-2016-1203-1.NASL", "SUSE_SU-2016-2074-1.NASL", "SUSE_SU-2016-2912-1.NASL", "SUSE_SU-2016-2976-1.NASL", "SUSE_SU-2016-3039-1.NASL", "SUSE_SU-2016-3049-1.NASL", "SUSE_SU-2016-3063-1.NASL", "SUSE_SU-2016-3109-1.NASL", "SUSE_SU-2016-3111-1.NASL", "SUSE_SU-2016-3112-1.NASL", "SUSE_SU-2016-3113-1.NASL", "SUSE_SU-2016-3119-1.NASL", "SUSE_SU-2016-3197-1.NASL", "SUSE_SU-2016-3247-1.NASL", "SUSE_SU-2016-3249-1.NASL", "SUSE_SU-2017-0181-1.NASL", "SUSE_SU-2017-0333-1.NASL", "SUSE_SU-2017-0471-1.NASL", "SUSE_SU-2017-0494-1.NASL", "SUSE_SU-2017-0517-1.NASL", "SUSE_SU-2017-0575-1.NASL", "SUSE_SU-2017-0769-1.NASL", "SUSE_SU-2017-0770-1.NASL", "SUSE_SU-2017-0771-1.NASL", "SUSE_SU-2017-0772-1.NASL", "SUSE_SU-2017-0780-1.NASL", "SUSE_SU-2017-1247-1.NASL", "SUSE_SU-2017-1281-1.NASL", "SUSE_SU-2017-1301-1.NASL", "SUSE_SU-2017-1853-1.NASL", "SUSE_SU-2017-2131-1.NASL", "SUSE_SU-2017-2142-1.NASL", "SUSE_SU-2017-2150-1.NASL", "SUSE_SU-2017-2286-1.NASL", "SUSE_SU-2017-2423-1.NASL", "SUSE_SU-2017-2424-1.NASL", "SUSE_SU-2017-2436-1.NASL", "SUSE_SU-2017-2437-1.NASL", "SUSE_SU-2017-2438-1.NASL", "SUSE_SU-2017-2439-1.NASL", "SUSE_SU-2017-2440-1.NASL", "SUSE_SU-2017-2441-1.NASL", "SUSE_SU-2017-2442-1.NASL", "SUSE_SU-2017-2443-1.NASL", "SUSE_SU-2017-2446-1.NASL", "SUSE_SU-2017-2447-1.NASL", "SUSE_SU-2017-2448-1.NASL", "SUSE_SU-2017-2475-1.NASL", "SUSE_SU-2017-2476-1.NASL", "SUSE_SU-2017-2497-1.NASL", "SUSE_SU-2017-2498-1.NASL", "SUSE_SU-2017-2499-1.NASL", "SUSE_SU-2017-2500-1.NASL", "SUSE_SU-2017-2506-1.NASL", "SUSE_SU-2017-2508-1.NASL", "SUSE_SU-2017-2509-1.NASL", "SUSE_SU-2017-2510-1.NASL", "SUSE_SU-2017-2511-1.NASL", "SUSE_SU-2017-2525-1.NASL", "SUSE_SU-2017-2775-1.NASL", "SUSE_SU-2017-2791-1.NASL", "SUSE_SU-2017-2869-1.NASL", "SUSE_SU-2017-2908-1.NASL", "SUSE_SU-2017-2920-1.NASL", "SUSE_SU-2017-3265-1.NASL", "SUSE_SU-2018-2776-1.NASL", "SUSE_SU-2018-2858-1.NASL", "SUSE_SU-2018-2879-1.NASL", "SUSE_SU-2018-2907-1.NASL", "SUSE_SU-2018-2908-1.NASL", "SUSE_SU-2018-2980-1.NASL", "SUSE_SU-2018-3083-1.NASL", "SUSE_SU-2018-3084-1.NASL", "SUSE_SU-2019-0148-1.NASL", "SUSE_SU-2019-0196-1.NASL", "SUSE_SU-2019-0222-1.NASL", "SUSE_SU-2019-0224-1.NASL", "SUSE_SU-2019-0439-1.NASL", "SUSE_SU-2019-0541-1.NASL", "UBUNTU_USN-2175-1.NASL", "UBUNTU_USN-2176-1.NASL", "UBUNTU_USN-2177-1.NASL", "UBUNTU_USN-2178-1.NASL", "UBUNTU_USN-2179-1.NASL", "UBUNTU_USN-2541-1.NASL", "UBUNTU_USN-2543-1.NASL", "UBUNTU_USN-2544-1.NASL", "UBUNTU_USN-2886-1.NASL", "UBUNTU_USN-2887-1.NASL", "UBUNTU_USN-2887-2.NASL", "UBUNTU_USN-2888-1.NASL", "UBUNTU_USN-2889-1.NASL", "UBUNTU_USN-2889-2.NASL", "UBUNTU_USN-2890-1.NASL", "UBUNTU_USN-2890-2.NASL", "UBUNTU_USN-2890-3.NASL", "UBUNTU_USN-2929-1.NASL", "UBUNTU_USN-2929-2.NASL", "UBUNTU_USN-2931-1.NASL", "UBUNTU_USN-2932-1.NASL", "UBUNTU_USN-2967-1.NASL", "UBUNTU_USN-3144-1.NASL", "UBUNTU_USN-3145-1.NASL", "UBUNTU_USN-3145-2.NASL", "UBUNTU_USN-3146-1.NASL", "UBUNTU_USN-3146-2.NASL", "UBUNTU_USN-3147-1.NASL", "UBUNTU_USN-3149-1.NASL", "UBUNTU_USN-3149-2.NASL", "UBUNTU_USN-3150-1.NASL", "UBUNTU_USN-3151-1.NASL", "UBUNTU_USN-3151-2.NASL", "UBUNTU_USN-3151-3.NASL", "UBUNTU_USN-3151-4.NASL", "UBUNTU_USN-3152-1.NASL", "UBUNTU_USN-3152-2.NASL", "UBUNTU_USN-3161-3.NASL", "UBUNTU_USN-3161-4.NASL", "UBUNTU_USN-3162-2.NASL", "UBUNTU_USN-3265-1.NASL", "UBUNTU_USN-3265-2.NASL", "UBUNTU_USN-3326-1.NASL", "UBUNTU_USN-3327-1.NASL", "UBUNTU_USN-3333-1.NASL", "UBUNTU_USN-3342-1.NASL", "UBUNTU_USN-3342-2.NASL", "UBUNTU_USN-3358-1.NASL", "UBUNTU_USN-3359-1.NASL", "UBUNTU_USN-3360-1.NASL", "UBUNTU_USN-3361-1.NASL", "UBUNTU_USN-3364-1.NASL", "UBUNTU_USN-3364-2.NASL", "UBUNTU_USN-3364-3.NASL", "UBUNTU_USN-3371-1.NASL", "UBUNTU_USN-3384-1.NASL", "UBUNTU_USN-3384-2.NASL", "UBUNTU_USN-3385-1.NASL", "UBUNTU_USN-3385-2.NASL", "UBUNTU_USN-3386-1.NASL", "UBUNTU_USN-3420-1.NASL", "UBUNTU_USN-3420-2.NASL", "UBUNTU_USN-3422-1.NASL", "UBUNTU_USN-3619-1.NASL", "UBUNTU_USN-3619-2.NASL", "UBUNTU_USN-3754-1.NASL", "UBUNTU_USN-3775-1.NASL", "UBUNTU_USN-3776-1.NASL", "UBUNTU_USN-3776-2.NASL", "UBUNTU_USN-3777-1.NASL", "UBUNTU_USN-3777-2.NASL", "UBUNTU_USN-3777-3.NASL", "UBUNTU_USN-3798-1.NASL", "UBUNTU_USN-3879-1.NASL", "UBUNTU_USN-3879-2.NASL", "UBUNTU_USN-4094-1.NASL", "UBUNTU_USN-4118-1.NASL", "VIRTUOZZO_VZA-2017-032.NASL", "VIRTUOZZO_VZA-2017-062.NASL", "VIRTUOZZO_VZA-2017-063.NASL", "VIRTUOZZO_VZA-2017-071.NASL", "VIRTUOZZO_VZA-2017-072.NASL", "VIRTUOZZO_VZA-2017-073.NASL", "VIRTUOZZO_VZA-2017-076.NASL", "VIRTUOZZO_VZLSA-2017-0386.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120291", "OPENVAS:1361412562310122732", "OPENVAS:1361412562310123170", "OPENVAS:1361412562310123185", "OPENVAS:1361412562310123186", "OPENVAS:1361412562310123194", "OPENVAS:1361412562310123411", "OPENVAS:1361412562310703170", "OPENVAS:1361412562310703426", "OPENVAS:1361412562310703503", "OPENVAS:1361412562310703696", "OPENVAS:1361412562310703791", "OPENVAS:1361412562310703927", "OPENVAS:1361412562310703945", "OPENVAS:1361412562310703981", "OPENVAS:1361412562310704187", "OPENVAS:1361412562310704188", "OPENVAS:1361412562310704308", "OPENVAS:1361412562310804551", "OPENVAS:1361412562310812046", "OPENVAS:1361412562310812095", "OPENVAS:1361412562310841778", "OPENVAS:1361412562310841779", "OPENVAS:1361412562310841780", "OPENVAS:1361412562310841781", "OPENVAS:1361412562310841786", "OPENVAS:1361412562310841788", "OPENVAS:1361412562310841790", "OPENVAS:1361412562310842143", "OPENVAS:1361412562310842144", "OPENVAS:1361412562310842145", "OPENVAS:1361412562310842146", "OPENVAS:1361412562310842621", "OPENVAS:1361412562310842622", "OPENVAS:1361412562310842623", "OPENVAS:1361412562310842624", "OPENVAS:1361412562310842625", "OPENVAS:1361412562310842627", "OPENVAS:1361412562310842628", "OPENVAS:1361412562310842629", "OPENVAS:1361412562310842631", "OPENVAS:1361412562310842632", "OPENVAS:1361412562310842686", "OPENVAS:1361412562310842687", "OPENVAS:1361412562310842690", "OPENVAS:1361412562310842692", "OPENVAS:1361412562310842735", "OPENVAS:1361412562310842741", "OPENVAS:1361412562310842963", "OPENVAS:1361412562310842964", "OPENVAS:1361412562310842965", "OPENVAS:1361412562310842970", "OPENVAS:1361412562310842971", "OPENVAS:1361412562310842972", "OPENVAS:1361412562310842977", "OPENVAS:1361412562310842979", "OPENVAS:1361412562310842980", "OPENVAS:1361412562310842981", "OPENVAS:1361412562310842982", "OPENVAS:1361412562310842983", "OPENVAS:1361412562310842984", "OPENVAS:1361412562310842985", "OPENVAS:1361412562310842986", "OPENVAS:1361412562310842987", "OPENVAS:1361412562310842988", "OPENVAS:1361412562310842997", "OPENVAS:1361412562310842999", "OPENVAS:1361412562310843001", "OPENVAS:1361412562310843139", "OPENVAS:1361412562310843140", "OPENVAS:1361412562310843211", "OPENVAS:1361412562310843218", "OPENVAS:1361412562310843221", "OPENVAS:1361412562310843229", "OPENVAS:1361412562310843233", "OPENVAS:1361412562310843247", "OPENVAS:1361412562310843248", "OPENVAS:1361412562310843249", "OPENVAS:1361412562310843250", "OPENVAS:1361412562310843252", "OPENVAS:1361412562310843254", "OPENVAS:1361412562310843255", "OPENVAS:1361412562310843262", "OPENVAS:1361412562310843274", "OPENVAS:1361412562310843275", "OPENVAS:1361412562310843276", "OPENVAS:1361412562310843278", "OPENVAS:1361412562310843279", "OPENVAS:1361412562310843306", "OPENVAS:1361412562310843308", "OPENVAS:1361412562310843312", "OPENVAS:1361412562310843496", "OPENVAS:1361412562310843497", "OPENVAS:1361412562310843628", "OPENVAS:1361412562310843644", "OPENVAS:1361412562310843645", "OPENVAS:1361412562310843646", "OPENVAS:1361412562310843647", "OPENVAS:1361412562310843648", "OPENVAS:1361412562310843664", "OPENVAS:1361412562310843665", "OPENVAS:1361412562310843893", "OPENVAS:1361412562310843894", "OPENVAS:1361412562310844133", "OPENVAS:1361412562310844159", "OPENVAS:1361412562310850649", "OPENVAS:1361412562310850817", "OPENVAS:1361412562310850978", "OPENVAS:1361412562310851386", "OPENVAS:1361412562310851414", "OPENVAS:1361412562310851420", "OPENVAS:1361412562310851444", "OPENVAS:1361412562310851448", "OPENVAS:1361412562310851449", "OPENVAS:1361412562310851450", "OPENVAS:1361412562310851506", "OPENVAS:1361412562310851513", "OPENVAS:1361412562310851515", "OPENVAS:1361412562310851516", "OPENVAS:1361412562310851571", "OPENVAS:1361412562310851593", "OPENVAS:1361412562310851594", "OPENVAS:1361412562310851895", "OPENVAS:1361412562310851937", "OPENVAS:1361412562310852091", "OPENVAS:1361412562310852240", "OPENVAS:1361412562310852274", "OPENVAS:1361412562310867580", "OPENVAS:1361412562310867583", "OPENVAS:1361412562310867638", "OPENVAS:1361412562310867651", "OPENVAS:1361412562310867663", "OPENVAS:1361412562310867680", "OPENVAS:1361412562310867682", "OPENVAS:1361412562310867773", "OPENVAS:1361412562310867774", "OPENVAS:1361412562310867811", "OPENVAS:1361412562310867820", "OPENVAS:1361412562310867852", "OPENVAS:1361412562310867857", "OPENVAS:1361412562310867886", "OPENVAS:1361412562310867905", "OPENVAS:1361412562310867911", "OPENVAS:1361412562310867939", "OPENVAS:1361412562310867967", "OPENVAS:1361412562310867986", "OPENVAS:1361412562310868019", "OPENVAS:1361412562310868055", "OPENVAS:1361412562310868076", "OPENVAS:1361412562310868101", "OPENVAS:1361412562310868102", "OPENVAS:1361412562310868149", "OPENVAS:1361412562310868196", "OPENVAS:1361412562310868351", "OPENVAS:1361412562310868403", "OPENVAS:1361412562310868416", "OPENVAS:1361412562310868434", "OPENVAS:1361412562310868437", "OPENVAS:1361412562310868489", "OPENVAS:1361412562310868501", "OPENVAS:1361412562310868583", "OPENVAS:1361412562310868627", "OPENVAS:1361412562310868851", "OPENVAS:1361412562310868920", "OPENVAS:1361412562310868984", "OPENVAS:1361412562310869091", "OPENVAS:1361412562310869213", "OPENVAS:1361412562310869281", "OPENVAS:1361412562310869392", "OPENVAS:1361412562310871309", "OPENVAS:1361412562310871312", "OPENVAS:1361412562310871336", "OPENVAS:1361412562310871708", "OPENVAS:1361412562310871768", "OPENVAS:1361412562310871855", "OPENVAS:1361412562310871956", "OPENVAS:1361412562310872131", "OPENVAS:1361412562310872137", "OPENVAS:1361412562310872147", "OPENVAS:1361412562310872320", "OPENVAS:1361412562310872326", "OPENVAS:1361412562310872391", "OPENVAS:1361412562310872392", "OPENVAS:1361412562310873302", "OPENVAS:1361412562310873305", "OPENVAS:1361412562310874365", "OPENVAS:1361412562310874427", "OPENVAS:1361412562310874619", "OPENVAS:1361412562310875325", "OPENVAS:1361412562310875326", "OPENVAS:1361412562310875330", "OPENVAS:1361412562310875349", "OPENVAS:1361412562310875369", "OPENVAS:1361412562310875407", "OPENVAS:1361412562310875414", "OPENVAS:1361412562310875423", "OPENVAS:1361412562310875438", "OPENVAS:1361412562310875443", "OPENVAS:1361412562310875459", "OPENVAS:1361412562310875476", "OPENVAS:1361412562310875506", "OPENVAS:1361412562310875559", "OPENVAS:1361412562310875566", "OPENVAS:1361412562310875577", "OPENVAS:1361412562310875628", "OPENVAS:1361412562310875629", "OPENVAS:1361412562310875681", "OPENVAS:1361412562310875786", "OPENVAS:1361412562310875801", "OPENVAS:1361412562310875834", "OPENVAS:1361412562310875913", "OPENVAS:1361412562310875923", "OPENVAS:1361412562310875946", "OPENVAS:1361412562310876049", "OPENVAS:1361412562310876095", "OPENVAS:1361412562310876105", "OPENVAS:1361412562310876135", "OPENVAS:1361412562310876177", "OPENVAS:1361412562310876281", "OPENVAS:1361412562310876322", "OPENVAS:1361412562310876361", "OPENVAS:1361412562310876377", "OPENVAS:1361412562310876423", "OPENVAS:1361412562310876445", "OPENVAS:1361412562310876479", "OPENVAS:1361412562310876510", "OPENVAS:1361412562310876555", "OPENVAS:1361412562310876586", "OPENVAS:1361412562310876621", "OPENVAS:1361412562310876666", "OPENVAS:1361412562310876750", "OPENVAS:1361412562310876869", "OPENVAS:1361412562310876943", "OPENVAS:1361412562310876995", "OPENVAS:1361412562310882114", "OPENVAS:1361412562310882118", "OPENVAS:1361412562310882129", "OPENVAS:1361412562310882673", "OPENVAS:1361412562310882792", "OPENVAS:1361412562310882799", "OPENVAS:1361412562310890922", "OPENVAS:1361412562310891369", "OPENVAS:1361412562310891531", "OPENVAS:1361412562310891715", "OPENVAS:1361412562310891731", "OPENVAS:1361412562311220171256", "OPENVAS:1361412562311220171271", "OPENVAS:1361412562311220191076", "OPENVAS:1361412562311220191156", "OPENVAS:1361412562311220191259", "OPENVAS:1361412562311220191302", "OPENVAS:1361412562311220191303", "OPENVAS:1361412562311220191477", "OPENVAS:1361412562311220191482", "OPENVAS:1361412562311220191489", "OPENVAS:1361412562311220191492", "OPENVAS:1361412562311220191496", "OPENVAS:1361412562311220191498", "OPENVAS:1361412562311220191502", "OPENVAS:1361412562311220191504", "OPENVAS:1361412562311220191512", "OPENVAS:1361412562311220191587", "OPENVAS:1361412562311220192353", "OPENVAS:1361412562311220192531", "OPENVAS:1361412562311220192599", "OPENVAS:1361412562311220201396", "OPENVAS:703170", "OPENVAS:703426", "OPENVAS:703503", "OPENVAS:703696", "OPENVAS:703791", "OPENVAS:804551", "OPENVAS:841778", "OPENVAS:841779", "OPENVAS:841780", "OPENVAS:841781", "OPENVAS:841786", "OPENVAS:841788", "OPENVAS:841790", "OPENVAS:867580", "OPENVAS:867583", "OPENVAS:867638", "OPENVAS:867651", "OPENVAS:867663", "OPENVAS:867680", "OPENVAS:867682", "OPENVAS:867773", "OPENVAS:867774"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-3034", "ELSA-2015-0102", "ELSA-2015-0164", "ELSA-2015-0164-1", "ELSA-2015-0674", "ELSA-2015-3098", "ELSA-2016-2574", "ELSA-2016-3617", "ELSA-2016-3618", "ELSA-2017-0386", "ELSA-2017-0386-1", "ELSA-2017-1842", "ELSA-2017-1842-1", "ELSA-2017-2930", "ELSA-2017-2930-1", "ELSA-2017-3200", "ELSA-2017-3508", "ELSA-2017-3509", "ELSA-2017-3533", "ELSA-2017-3534", "ELSA-2017-3535", "ELSA-2017-3567", "ELSA-2017-3609", "ELSA-2017-3631", "ELSA-2017-3635", "ELSA-2017-3636", "ELSA-2017-3637", "ELSA-2017-3657", "ELSA-2017-3658", "ELSA-2017-3659", "ELSA-2018-1854", "ELSA-2018-4021", "ELSA-2018-4134", "ELSA-2018-4145", "ELSA-2018-4164", "ELSA-2019-4570", "ELSA-2019-4575", "ELSA-2020-5670", "ELSA-2021-9473"]}, {"type": "osv", "idList": ["OSV:DLA-1200-1", "OSV:DLA-1369-1", "OSV:DLA-1529-1", "OSV:DLA-1531-1", "OSV:DLA-155-1", "OSV:DLA-1715-1", "OSV:DLA-1731-1", "OSV:DLA-670-1", "OSV:DLA-772-1", "OSV:DLA-922-1", "OSV:DSA-3170-1", "OSV:DSA-3503-1", "OSV:DSA-3696-1", "OSV:DSA-3791-1", "OSV:DSA-3927-1", "OSV:DSA-3945-1", "OSV:DSA-3981-1", "OSV:DSA-4187-1", "OSV:DSA-4188-1", "OSV:DSA-4308-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:147727", "PACKETSTORM:148795"]}, {"type": "photon", "idList": ["PHSA-2016-0014", "PHSA-2017-0011", "PHSA-2017-0029", "PHSA-2017-0062", "PHSA-2018-0012", "PHSA-2018-0031", "PHSA-2018-0044", "PHSA-2018-0099", "PHSA-2018-0101", "PHSA-2018-0135", "PHSA-2018-0190", "PHSA-2018-1.0-0135", "PHSA-2019-0128", "PHSA-2019-0206", "PHSA-2019-1.0-0206"]}, {"type": "redhat", "idList": ["RHSA-2015:0102", "RHSA-2015:0164", "RHSA-2015:0674", "RHSA-2015:0694", "RHSA-2016:2574", "RHSA-2016:2584", "RHSA-2017:0386", "RHSA-2017:0387", "RHSA-2017:0402", "RHSA-2017:1842", "RHSA-2017:2077", "RHSA-2017:2437", "RHSA-2017:2669", "RHSA-2017:2918", "RHSA-2017:2930", "RHSA-2017:2931", "RHSA-2017:3200", "RHSA-2018:2948", "RHSA-2019:1931", "RHSA-2019:1932", "RHSA-2019:4159"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-7425", "RH:CVE-2016-8655", "RH:CVE-2017-1000112", "RH:CVE-2017-18075", "RH:CVE-2017-18216", "RH:CVE-2017-5577", "RH:CVE-2017-5970", "RH:CVE-2017-7346", "RH:CVE-2017-8797", "RH:CVE-2017-8831", "RH:CVE-2018-13098", "RH:CVE-2018-16862", "RH:CVE-2018-20511", "RH:CVE-2018-6554"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30536", "SECURITYVULNS:DOC:31766", "SECURITYVULNS:VULN:13706", "SECURITYVULNS:VULN:14292"]}, {"type": "seebug", "idList": ["SSV:61637", "SSV:92567", "SSV:96343"]}, {"type": "slackware", "idList": ["SSA-2016-347-01", "SSA-2019-030-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2015:0714-1", "OPENSUSE-SU-2016:2144-1", "OPENSUSE-SU-2016:2583-1", "OPENSUSE-SU-2016:2625-1", "OPENSUSE-SU-2016:2649-1", "OPENSUSE-SU-2016:3021-1", "OPENSUSE-SU-2016:3050-1", "OPENSUSE-SU-2016:3058-1", "OPENSUSE-SU-2016:3061-1", "OPENSUSE-SU-2016:3077-1", "OPENSUSE-SU-2017:0456-1", "OPENSUSE-SU-2017:0541-1", "OPENSUSE-SU-2017:0547-1", "OPENSUSE-SU-2017:1633-1", "OPENSUSE-SU-2017:2169-1", "OPENSUSE-SU-2017:2171-1", "OPENSUSE-SU-2018:2738-1", "OPENSUSE-SU-2018:3071-1", "OPENSUSE-SU-2018:3202-1", "OPENSUSE-SU-2019:0065-1", "OPENSUSE-SU-2019:0140-1", "SUSE-SU-2015:0529-1", "SUSE-SU-2015:0581-1", "SUSE-SU-2015:0736-1", "SUSE-SU-2015:1488-1", "SUSE-SU-2015:1489-1", "SUSE-SU-2016:0911-1", "SUSE-SU-2016:1102-1", "SUSE-SU-2016:1203-1", "SUSE-SU-2016:2074-1", "SUSE-SU-2016:2912-1", "SUSE-SU-2016:2976-1", "SUSE-SU-2016:3039-1", "SUSE-SU-2016:3049-1", "SUSE-SU-2016:3063-1", "SUSE-SU-2016:3069-1", "SUSE-SU-2016:3093-1", "SUSE-SU-2016:3094-1", "SUSE-SU-2016:3096-1", "SUSE-SU-2016:3098-1", "SUSE-SU-2016:3100-1", "SUSE-SU-2016:3104-1", "SUSE-SU-2016:3109-1", "SUSE-SU-2016:3111-1", "SUSE-SU-2016:3112-1", "SUSE-SU-2016:3113-1", "SUSE-SU-2016:3116-1", "SUSE-SU-2016:3117-1", "SUSE-SU-2016:3119-1", "SUSE-SU-2016:3169-1", "SUSE-SU-2016:3183-1", "SUSE-SU-2016:3197-1", "SUSE-SU-2016:3205-1", "SUSE-SU-2016:3206-1", "SUSE-SU-2016:3247-1", "SUSE-SU-2016:3249-1", "SUSE-SU-2016:3304-1", "SUSE-SU-2017:0181-1", "SUSE-SU-2017:0333-1", "SUSE-SU-2017:0407-1", "SUSE-SU-2017:0471-1", "SUSE-SU-2017:0494-1", "SUSE-SU-2017:0517-1", "SUSE-SU-2017:0575-1", "SUSE-SU-2017:0759-1", "SUSE-SU-2017:0760-1", "SUSE-SU-2017:0762-1", "SUSE-SU-2017:0763-1", "SUSE-SU-2017:0764-1", "SUSE-SU-2017:0766-1", "SUSE-SU-2017:0767-1", "SUSE-SU-2017:0768-1", "SUSE-SU-2017:0769-1", "SUSE-SU-2017:0770-1", "SUSE-SU-2017:0771-1", "SUSE-SU-2017:0772-1", "SUSE-SU-2017:0773-1", "SUSE-SU-2017:0774-1", "SUSE-SU-2017:0775-1", "SUSE-SU-2017:0776-1", "SUSE-SU-2017:0777-1", "SUSE-SU-2017:0778-1", "SUSE-SU-2017:0779-1", "SUSE-SU-2017:0780-1", "SUSE-SU-2017:0781-1", "SUSE-SU-2017:0786-1", "SUSE-SU-2017:1247-1", "SUSE-SU-2017:1281-1", "SUSE-SU-2017:1301-1", "SUSE-SU-2017:1853-1", "SUSE-SU-2017:1990-1", "SUSE-SU-2017:2043-1", "SUSE-SU-2017:2046-1", "SUSE-SU-2017:2062-1", "SUSE-SU-2017:2064-1", "SUSE-SU-2017:2065-1", "SUSE-SU-2017:2066-1", "SUSE-SU-2017:2067-1", "SUSE-SU-2017:2070-1", "SUSE-SU-2017:2131-1", "SUSE-SU-2017:2142-1", "SUSE-SU-2017:2150-1", "SUSE-SU-2017:2286-1", "SUSE-SU-2017:2342-1", "SUSE-SU-2017:2423-1", "SUSE-SU-2017:2424-1", "SUSE-SU-2017:2436-1", "SUSE-SU-2017:2437-1", "SUSE-SU-2017:2438-1", "SUSE-SU-2017:2438-2", "SUSE-SU-2017:2439-1", "SUSE-SU-2017:2440-1", "SUSE-SU-2017:2441-1", "SUSE-SU-2017:2442-1", "SUSE-SU-2017:2443-1", "SUSE-SU-2017:2447-1", "SUSE-SU-2017:2448-1", "SUSE-SU-2017:2454-1", "SUSE-SU-2017:2455-1", "SUSE-SU-2017:2456-1", "SUSE-SU-2017:2457-1", "SUSE-SU-2017:2464-1", "SUSE-SU-2017:2465-1", "SUSE-SU-2017:2469-1", "SUSE-SU-2017:2471-1", "SUSE-SU-2017:2472-1", "SUSE-SU-2017:2473-1", "SUSE-SU-2017:2474-1", "SUSE-SU-2017:2475-1", "SUSE-SU-2017:2476-1", "SUSE-SU-2017:2497-1", "SUSE-SU-2017:2498-1", "SUSE-SU-2017:2499-1", "SUSE-SU-2017:2500-1", "SUSE-SU-2017:2506-1", "SUSE-SU-2017:2508-1", "SUSE-SU-2017:2509-1", "SUSE-SU-2017:2510-1", "SUSE-SU-2017:2511-1", "SUSE-SU-2017:2525-1", "SUSE-SU-2017:2694-1", "SUSE-SU-2017:2775-1", "SUSE-SU-2017:2791-1", "SUSE-SU-2017:2813-1", "SUSE-SU-2017:2869-1", "SUSE-SU-2017:2908-1", "SUSE-SU-2017:2920-1", "SUSE-SU-2017:2956-1", "SUSE-SU-2017:3265-1", "SUSE-SU-2018:0568-1", "SUSE-SU-2018:0572-1", "SUSE-SU-2018:0573-1", "SUSE-SU-2018:0574-1", "SUSE-SU-2018:0575-1", "SUSE-SU-2018:0576-1", "SUSE-SU-2018:0577-1", "SUSE-SU-2018:0578-1", "SUSE-SU-2018:0579-1", "SUSE-SU-2018:0582-1", "SUSE-SU-2018:0584-1", "SUSE-SU-2018:0586-1", "SUSE-SU-2018:0590-1", "SUSE-SU-2018:0591-1", "SUSE-SU-2018:0592-1", "SUSE-SU-2018:0593-1", "SUSE-SU-2018:0594-1", "SUSE-SU-2018:0595-1", "SUSE-SU-2018:0596-1", "SUSE-SU-2018:0597-1"]}, {"type": "symantec", "idList": ["SMNTC-1404"]}, {"type": "thn", "idList": ["THN:04F5FC12455795F06BC21F5C803FA77E", "THN:11E7CC33794D9968747131F3F0AE8716"]}, {"type": "threatpost", "idList": ["THREATPOST:4BAB3AEE5B76128AABB31A552AEFFE2F", "THREATPOST:71B135B09C0B20493E1A02875B015BA4"]}, {"type": "ubuntu", "idList": ["USN-2175-1", "USN-2176-1", "USN-2177-1", "USN-2178-1", "USN-2179-1", "USN-2180-1", "USN-2181-1", "USN-2541-1", "USN-2542-1", "USN-2543-1", "USN-2544-1", "USN-2886-1", "USN-2886-2", "USN-2887-1", "USN-2887-2", "USN-2888-1", "USN-2889-1", "USN-2889-2", "USN-2890-1", "USN-2890-2", "USN-2890-3", "USN-2929-1", "USN-2929-2", "USN-2930-1", "USN-2930-2", "USN-2930-3", "USN-2931-1", "USN-2932-1", "USN-2967-1", "USN-2967-2", "USN-3144-1", "USN-3144-2", "USN-3145-1", "USN-3145-2", "USN-3146-1", "USN-3146-2", "USN-3147-1", "USN-3149-1", "USN-3149-2", "USN-3150-1", "USN-3150-2", "USN-3151-1", "USN-3151-2", "USN-3151-3", "USN-3151-4", "USN-3152-1", "USN-3152-2", "USN-3161-3", "USN-3161-4", "USN-3162-2", "USN-3265-1", "USN-3265-2", "USN-3342-1", "USN-3342-2", "USN-3358-1", "USN-3359-1", "USN-3360-1", "USN-3360-2", "USN-3361-1", "USN-3364-1", "USN-3364-2", "USN-3364-3", "USN-3371-1", "USN-3384-1", "USN-3384-2", "USN-3385-1", "USN-3385-2", "USN-3386-1", "USN-3386-2", "USN-3420-1", "USN-3420-2", "USN-3422-1", "USN-3422-2", "USN-3619-1", "USN-3619-2", "USN-3754-1", "USN-3775-1", "USN-3775-2", "USN-3776-1", "USN-3776-2", "USN-3777-1", "USN-3777-2", "USN-3777-3", "USN-3798-1", "USN-3798-2", "USN-3879-1", "USN-3879-2", "USN-4094-1", "USN-4118-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-0049", "UB:CVE-2014-7822", "UB:CVE-2014-9803", "UB:CVE-2015-8374", "UB:CVE-2016-2547", "UB:CVE-2016-7425", "UB:CVE-2016-8655", "UB:CVE-2017-0523", "UB:CVE-2017-1000", "UB:CVE-2017-1000111", "UB:CVE-2017-1000112", "UB:CVE-2017-18075", "UB:CVE-2017-18216", "UB:CVE-2017-5577", "UB:CVE-2017-5970", "UB:CVE-2017-7346", "UB:CVE-2017-8797", "UB:CVE-2017-8831", "UB:CVE-2018-13098", "UB:CVE-2018-16862", "UB:CVE-2018-20511", "UB:CVE-2018-6554"]}, {"type": "virtuozzo", "idList": ["VZA-2017-032", "VZA-2017-062", "VZA-2017-063", "VZA-2017-071", "VZA-2017-072", "VZA-2017-073", "VZA-2017-075", "VZA-2017-076"]}, {"type": "zdt", "idList": ["1337DAY-ID-26493", "1337DAY-ID-30429", "1337DAY-ID-33037"]}]}, "score": {"value": 0.7, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2017-868", "ALAS-2017-870"]}, {"type": "archlinux", "idList": ["ASA-201612-5", "ASA-201612-6", "ASA-201612-7"]}, {"type": "centos", "idList": ["CESA-2017:2930"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2017-0789"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:01D42C16D02067C2EABD907705968B25", "CFOUNDRY:2AA1F360A02E665F9D2B19AB7EF0CAA9", "CFOUNDRY:40058483A2E2195544934D494FF464F7", "CFOUNDRY:55CD35F3011A699D7E30AD5252951E34", "CFOUNDRY:90693B873E1E97B4D1CACB5D7BD374ED", "CFOUNDRY:DFAB11FD33D131C30AACDE9F4864FC0F"]}, {"type": "cve", "idList": ["CVE-2014-0049", "CVE-2015-8374", "CVE-2016-7425", "CVE-2016-8655", "CVE-2017-0523", "CVE-2017-18075", "CVE-2017-5577", "CVE-2017-5970"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1200-1:A0B61", "DEBIAN:DLA-1369-1:33F82", "DEBIAN:DLA-1531-1:834CC", "DEBIAN:DSA-3791-1:AE0FD", "DEBIAN:DSA-3927-1:A186E", "DEBIAN:DSA-3945-1:532A6", "DEBIAN:DSA-3981-1:0F636", "DEBIAN:DSA-4187-1:481CA", "DEBIAN:DSA-4188-1:E4177", "DEBIAN:DSA-4308-1:D561A"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-0049", "DEBIANCVE:CVE-2014-7822", "DEBIANCVE:CVE-2014-9803", "DEBIANCVE:CVE-2015-8374", "DEBIANCVE:CVE-2016-2547", "DEBIANCVE:CVE-2016-7425", "DEBIANCVE:CVE-2016-8655", "DEBIANCVE:CVE-2017-1000112", "DEBIANCVE:CVE-2017-18075", "DEBIANCVE:CVE-2017-18216", "DEBIANCVE:CVE-2017-5577", "DEBIANCVE:CVE-2017-5970", "DEBIANCVE:CVE-2017-7346", "DEBIANCVE:CVE-2017-8797", "DEBIANCVE:CVE-2017-8831", "DEBIANCVE:CVE-2018-13098", "DEBIANCVE:CVE-2018-16862", "DEBIANCVE:CVE-2018-20511", "DEBIANCVE:CVE-2018-6554"]}, {"type": "exploitdb", "idList": ["EDB-ID:43418", "EDB-ID:44696"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:A5820DF756E60078D7D5399A134D0CEE"]}, {"type": "f5", "idList": ["F5:K38472857", "F5:K95005525", "SOL60742457"]}, {"type": "fedora", "idList": ["FEDORA:122AE604D3F9", "FEDORA:20DCB60779B2", "FEDORA:22D77604972B", "FEDORA:250CB6087A80", "FEDORA:296826040AED", "FEDORA:2CDD76006271", "FEDORA:3266960F0E44", "FEDORA:3C2FF6014B8C", "FEDORA:3D3EF633571E", "FEDORA:41B546014626", "FEDORA:41D1B604B3B3", "FEDORA:44065605602A", "FEDORA:4A22960A514A", "FEDORA:4CF35608BFEA", "FEDORA:4D5AD601FDAC", "FEDORA:54CE66014B8C", "FEDORA:5B68260A5858", "FEDORA:648496077DD1", "FEDORA:6B66A6047312", "FEDORA:6B6B360567FC", "FEDORA:6F1BC604D0C1", "FEDORA:79A0B6175384", "FEDORA:7C149604D4D2", "FEDORA:8FD3E60491BA", "FEDORA:93C27603B29E", "FEDORA:95A686085F81", "FEDORA:9D83A60EFF4F", "FEDORA:9E3D9606D195", "FEDORA:A8B9960C251A", "FEDORA:B7617604D9DA", "FEDORA:B83986079D12", "FEDORA:BBFE360460D0", "FEDORA:BD35260BC96F", "FEDORA:C49D061F375F", "FEDORA:C64AE6007F37", "FEDORA:DBB1B659CBE0", "FEDORA:E878E60F237D", "FEDORA:E88866014636", "FEDORA:E93AE6077DCD", "FEDORA:F417F60477C5"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:9B79D262B5DA61A7E11F5134B546BA63"]}, {"type": "hackerone", "idList": ["H1:684573"]}, {"type": "ibm", "idList": ["475B1D5AA0EDB6A4A0012EA2C2D64B9388A6ACC5779414E8E1A98AC9B641F6AF"]}, {"type": "kitploit", "idList": ["KITPLOIT:4462385753504235463"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/LINUX/LOCAL/AF_PACKET_CHOCOBO_ROOT_PRIV_ESC"]}, {"type": "myhack58", "idList": ["MYHACK58:62201682103", "MYHACK58:62201783692"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2017-2930.NASL", "DEBIAN_DLA-1531.NASL", "DEBIAN_DLA-670.NASL", "DEBIAN_DSA-3696.NASL", "DEBIAN_DSA-3791.NASL", "DEBIAN_DSA-4308.NASL", "FEDORA_2016-107F03CC00.NASL", "FEDORA_2016-5AFF4A6BBC.NASL", "FEDORA_2016-5CB5B4082D.NASL", "FEDORA_2017-0054C7B1F0.NASL", "FEDORA_2017-6CC158C193.NASL", "FEDORA_2017-787BC0D5B4.NASL", "FEDORA_2017-81FBD592D4.NASL", "NEWSTART_CGSL_NS-SA-2019-0143_KERNEL.NASL", "OPENSUSE-2016-1212.NASL", "OPENSUSE-2016-1436.NASL", "OPENSUSE-2017-286.NASL", "OPENSUSE-2017-287.NASL", "OPENSUSE-2018-1140.NASL", "OPENSUSE-2019-769.NASL", "ORACLELINUX_ELSA-2017-2930-1.NASL", "ORACLELINUX_ELSA-2017-2930.NASL", "ORACLELINUX_ELSA-2017-3631.NASL", "ORACLELINUX_ELSA-2019-4570.NASL", "ORACLELINUX_ELSA-2019-4575.NASL", "ORACLEVM_OVMSA-2017-0163.NASL", "ORACLEVM_OVMSA-2018-0015.NASL", "ORACLEVM_OVMSA-2019-0009.NASL", "REDHAT-RHSA-2017-0402.NASL", "REDHAT-RHSA-2017-2918.NASL", "REDHAT-RHSA-2017-2930.NASL", "REDHAT-RHSA-2017-2931.NASL", "SLACKWARE_SSA_2016-347-01.NASL", "SL_20171019_KERNEL_ON_SL7_X.NASL", "SUSE_SU-2016-3039-1.NASL", "SUSE_SU-2016-3049-1.NASL", "SUSE_SU-2016-3063-1.NASL", "SUSE_SU-2016-3113-1.NASL", "SUSE_SU-2016-3197-1.NASL", "SUSE_SU-2016-3247-1.NASL", "SUSE_SU-2017-0517-1.NASL", "SUSE_SU-2017-0769-1.NASL", "SUSE_SU-2017-0770-1.NASL", "SUSE_SU-2017-0771-1.NASL", "SUSE_SU-2017-0772-1.NASL", "SUSE_SU-2017-0780-1.NASL", "SUSE_SU-2017-2775-1.NASL", "SUSE_SU-2017-2791-1.NASL", "SUSE_SU-2017-2869-1.NASL", "SUSE_SU-2017-2908-1.NASL", "SUSE_SU-2018-2858-1.NASL", "SUSE_SU-2018-2879-1.NASL", "SUSE_SU-2018-2907-1.NASL", "SUSE_SU-2018-2908-1.NASL", "SUSE_SU-2018-3083-1.NASL", "SUSE_SU-2018-3084-1.NASL", "SUSE_SU-2019-0541-1.NASL", "UBUNTU_USN-2175-1.NASL", "UBUNTU_USN-2177-1.NASL", "UBUNTU_USN-2178-1.NASL", "UBUNTU_USN-2179-1.NASL", "UBUNTU_USN-3149-1.NASL", "UBUNTU_USN-3149-2.NASL", "UBUNTU_USN-3150-1.NASL", "UBUNTU_USN-3151-1.NASL", "UBUNTU_USN-3151-2.NASL", "UBUNTU_USN-3151-3.NASL", "UBUNTU_USN-3151-4.NASL", "UBUNTU_USN-3152-1.NASL", "UBUNTU_USN-3152-2.NASL", "UBUNTU_USN-3619-2.NASL", "UBUNTU_USN-3775-1.NASL", "UBUNTU_USN-3776-1.NASL", "UBUNTU_USN-3776-2.NASL", "UBUNTU_USN-3777-1.NASL", "UBUNTU_USN-3777-2.NASL", "UBUNTU_USN-4094-1.NASL", "UBUNTU_USN-4118-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310704308", "OPENVAS:1361412562310812046", "OPENVAS:1361412562310842979", "OPENVAS:1361412562310842980", "OPENVAS:1361412562310842981", "OPENVAS:1361412562310842982", "OPENVAS:1361412562310842983", "OPENVAS:1361412562310842984", "OPENVAS:1361412562310842985", "OPENVAS:1361412562310842986", "OPENVAS:1361412562310842987", "OPENVAS:1361412562310842988", "OPENVAS:1361412562310843496", "OPENVAS:1361412562310843497", "OPENVAS:1361412562310843644", "OPENVAS:1361412562310843646", "OPENVAS:1361412562310843647", "OPENVAS:1361412562310843648", "OPENVAS:1361412562310851450", "OPENVAS:1361412562310872131", "OPENVAS:1361412562310872137", "OPENVAS:1361412562310872147", "OPENVAS:1361412562310874619", "OPENVAS:1361412562310876869", "OPENVAS:1361412562310876943", "OPENVAS:1361412562310891531"]}, {"type": "oraclelinux", "idList": ["ELSA-2017-2930", "ELSA-2017-2930-1", "ELSA-2017-3631", "ELSA-2018-4021"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:147727"]}, {"type": "photon", "idList": ["PHSA-2017-0029", "PHSA-2018-1.0-0135", "PHSA-2019-1.0-0206"]}, {"type": "redhat", "idList": ["RHSA-2017:0402"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-8655", "RH:CVE-2017-18216", "RH:CVE-2017-5577", "RH:CVE-2017-5970", "RH:CVE-2017-7346", "RH:CVE-2017-8797", "RH:CVE-2017-8831"]}, {"type": "seebug", "idList": ["SSV:92567", "SSV:96343"]}, {"type": "slackware", "idList": ["SSA-2016-347-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2016:2583-1", "OPENSUSE-SU-2016:3077-1", "OPENSUSE-SU-2017:0541-1", "OPENSUSE-SU-2017:0547-1", "OPENSUSE-SU-2018:3071-1", "OPENSUSE-SU-2018:3202-1", "SUSE-SU-2016:3039-1", "SUSE-SU-2016:3049-1", "SUSE-SU-2016:3063-1", "SUSE-SU-2016:3096-1", "SUSE-SU-2016:3113-1", "SUSE-SU-2016:3116-1", "SUSE-SU-2016:3117-1", "SUSE-SU-2016:3169-1", "SUSE-SU-2016:3183-1", "SUSE-SU-2016:3197-1", "SUSE-SU-2016:3205-1", "SUSE-SU-2016:3206-1", "SUSE-SU-2016:3247-1", "SUSE-SU-2017:0517-1", "SUSE-SU-2017:0759-1", "SUSE-SU-2017:0760-1", "SUSE-SU-2017:0762-1", "SUSE-SU-2017:0763-1", "SUSE-SU-2017:0764-1", "SUSE-SU-2017:0766-1", "SUSE-SU-2017:0767-1", "SUSE-SU-2017:0768-1", "SUSE-SU-2017:0769-1", "SUSE-SU-2017:0770-1", "SUSE-SU-2017:0771-1", "SUSE-SU-2017:0772-1", "SUSE-SU-2017:0773-1", "SUSE-SU-2017:0774-1", "SUSE-SU-2017:0775-1", "SUSE-SU-2017:0776-1", "SUSE-SU-2017:0777-1", "SUSE-SU-2017:0778-1", "SUSE-SU-2017:0779-1", "SUSE-SU-2017:0780-1", "SUSE-SU-2017:0781-1", "SUSE-SU-2017:0786-1", "SUSE-SU-2017:2775-1", "SUSE-SU-2017:2791-1", "SUSE-SU-2017:2813-1", "SUSE-SU-2017:2869-1", "SUSE-SU-2017:2908-1"]}, {"type": "symantec", "idList": ["SMNTC-1404"]}, {"type": "thn", "idList": ["THN:04F5FC12455795F06BC21F5C803FA77E", "THN:11E7CC33794D9968747131F3F0AE8716"]}, {"type": "threatpost", "idList": ["THREATPOST:71B135B09C0B20493E1A02875B015BA4"]}, {"type": "ubuntu", "idList": ["USN-2929-1", "USN-2929-2", "USN-2930-1", "USN-2930-2", "USN-2930-3", "USN-2932-1", "USN-2967-1", "USN-2967-2", "USN-3149-1", "USN-3150-2", "USN-3151-3", "USN-3151-4", "USN-3152-2", "USN-3265-2", "USN-3342-1", "USN-3384-1", "USN-3385-2", "USN-3619-1", "USN-3775-1", "USN-3775-2", "USN-3776-1", "USN-3776-2", "USN-3777-1", "USN-3777-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-18216", "UB:CVE-2018-13098", "UB:CVE-2018-16862", "UB:CVE-2018-20511", "UB:CVE-2018-6554"]}, {"type": "virtuozzo", "idList": ["VZA-2017-032", "VZA-2017-062", "VZA-2017-063", "VZA-2017-071", "VZA-2017-072", "VZA-2017-073", "VZA-2017-075", "VZA-2017-076"]}, {"type": "zdt", "idList": ["1337DAY-ID-26493", "1337DAY-ID-30429"]}]}, "exploitation": null, "vulnersScore": 0.7}, "pluginID": "124806", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124806);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/09\");\n\n script_cve_id(\n \"CVE-2014-0049\",\n \"CVE-2014-7822\",\n \"CVE-2014-9803\",\n \"CVE-2015-8374\",\n \"CVE-2016-2547\",\n \"CVE-2016-7425\",\n \"CVE-2016-8655\",\n \"CVE-2017-0523\",\n \"CVE-2017-1000112\",\n \"CVE-2017-18075\",\n \"CVE-2017-18216\",\n \"CVE-2017-5577\",\n \"CVE-2017-5970\",\n \"CVE-2017-7346\",\n \"CVE-2017-8797\",\n \"CVE-2017-8831\",\n \"CVE-2018-13098\",\n \"CVE-2018-16862\",\n \"CVE-2018-20511\",\n \"CVE-2018-6554\"\n );\n script_bugtraq_id(\n 65909,\n 72347\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1482)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - An information-leak vulnerability was found in the\n kernel when it truncated a file to a smaller size which\n consisted of an inline extent that was compressed. The\n data between the new file size and the old file size\n was not discarded and the number of bytes used by the\n inode were not correctly decremented, which gave the\n wrong report for callers of the stat(2) syscall. This\n wasted metadata space and allowed for the truncated\n data to be leaked, and data corruption or loss to\n occur. A caller of the clone ioctl could exploit this\n flaw by using only standard file-system operations\n without root access to read the truncated\n data.(CVE-2015-8374i1/4%0\n\n - crypto/pcrypt.c in the Linux kernel, before 4.14.13,\n mishandles freeing instances, allowing a local user\n able to access the AF_ALG-based AEAD interface\n (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service\n (kfree of an incorrect pointer) or possibly have\n unspecified other impact by executing a crafted\n sequence of system calls. Due to the nature of the\n flaw, privilege escalation cannot be fully ruled out,\n although we believe it is unlikely.(CVE-2017-18075i1/4%0\n\n - An elevation of privilege vulnerability in the Qualcomm\n Wi-Fi driver could enable a local malicious application\n to execute arbitrary code within the context of the\n kernel. This issue is rated as High because it first\n requires compromising a privileged process. Product:\n Android. Versions: N/A. Android ID: A-32835279.\n References: QC-CR#1096945.(CVE-2017-0523i1/4%0\n\n - The saa7164_bus_get function in\n drivers/media/pci/saa7164/saa7164-bus.c in the Linux\n kernel through 4.10.14 allows local users to cause a\n denial of service (out-of-bounds array access) or\n possibly have unspecified other impact by changing a\n certain sequence-number value, aka a 'double fetch'\n vulnerability.(CVE-2017-8831i1/4%0\n\n - A flaw was found in the way the Linux kernel's splice()\n system call validated its parameters. On certain file\n systems, a local, unprivileged user could use this flaw\n to write past the maximum file size, and thus crash the\n system.(CVE-2014-7822i1/4%0\n\n - The vc4_get_bcl function in\n drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM\n driver in the Linux kernel before 4.9.7 does not set an\n errno value upon certain overflow detections allowing\n local users to cause a denial of service (incorrect\n pointer dereference and OOPS) via inconsistent size\n values in a VC4_SUBMIT_CL ioctl call.(CVE-2017-5577i1/4%0\n\n - In fs/ocfs2/cluster/nodemanager.c in the Linux kernel\n before 4.15, local users can cause a denial of service\n (NULL pointer dereference and BUG) because a required\n mutex is not used.(CVE-2017-18216i1/4%0\n\n - A race condition issue leading to a use-after-free flaw\n was found in the way the raw packet sockets\n implementation in the Linux kernel networking subsystem\n handled synchronization while creating the TPACKET_V3\n ring buffer. A local user able to open a raw packet\n socket (requires the CAP_NET_RAW capability) could use\n this flaw to elevate their privileges on the\n system.(CVE-2016-8655i1/4%0\n\n - An exploitable memory corruption flaw was found in the\n Linux kernel. The append path can be erroneously\n switched from UFO to non-UFO in ip_ufo_append_data()\n when building an UFO packet with MSG_MORE option. If\n unprivileged user namespaces are available, this flaw\n can be exploited to gain root\n privileges.(CVE-2017-1000112i1/4%0\n\n - A security flaw was found in the Linux kernel in a way\n that the cleancache subsystem clears an inode after the\n final file truncation (removal). The new file created\n with the same inode may contain leftover pages from\n cleancache and the old file data instead of the new\n one.(CVE-2018-16862i1/4%0\n\n - arch/arm64/ include /asm/pgtable.h in the Linux kernel\n before 3.15-rc5-next-20140519, as used in Android\n before 2016-07-05 on Nexus 5X and 6P devices,\n mishandles execute-only pages, which allows attackers\n to gain privileges via a crafted application, aka\n Android internal bug 28557020.(CVE-2014-9803i1/4%0\n\n - A heap-buffer overflow vulnerability was found in the\n arcmsr_iop_message_xfer() function in\n 'drivers/scsi/arcmsr/arcmsr_hba.c' file in the Linux\n kernel through 4.8.2. The function does not restrict a\n certain length field, which allows local users to gain\n privileges or cause a denial of service via an\n ARCMSR_MESSAGE_WRITE_WQBUFFER control code. This can\n potentially cause kernel heap corruption and arbitrary\n kernel code execution.(CVE-2016-7425i1/4%0\n\n - An issue was discovered in the Linux kernel before\n 4.18.11. The ipddp_ioctl function in\n drivers/net/appletalk/ipddp.c allows local users to\n obtain sensitive kernel address information by\n leveraging CAP_NET_ADMIN to read the ipddp_route dev\n and next fields via an SIOCFINDIPDDPRT ioctl\n call.(CVE-2018-20511i1/4%0\n\n - A memory leak in the irda_bind function in\n net/irda/af_irda.c in the Linux kernel, through 4.16,\n allows local users to cause a denial of service due to\n a memory consumption by repeatedly binding an AF_IRDA\n socket.(CVE-2018-6554i1/4%0\n\n - sound/core/timer.c in the Linux kernel before 4.4.1\n employs a locking approach that does not consider slave\n timer instances, which allows local users to cause a\n denial of service (race condition, use-after-free, and\n system crash) via a crafted ioctl\n call.(CVE-2016-2547i1/4%0\n\n - Buffer overflow in the complete_emulated_mmio function\n in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6\n allows guest OS users to execute arbitrary code on the\n host OS by leveraging a loop that triggers an invalid\n memory copy affecting certain cancel_work_item\n data.(CVE-2014-0049i1/4%0\n\n - An issue was discovered in the F2FS filesystem code in\n the Linux kernel in fs/f2fs/inode.c. A denial of\n service due to a slab out-of-bounds read can occur for\n a crafted f2fs filesystem image in which FI_EXTRA_ATTR\n is set in an inode.(CVE-2018-13098i1/4%0\n\n - A vulnerability was found in the Linux kernel where\n having malicious IP options present would cause the\n ipv4_pktinfo_prepare() function to drop/free the dst.\n This could result in a system crash or possible\n privilege escalation.(CVE-2017-5970i1/4%0\n\n - In the Linux kernel's vmw_gb_surface_define_ioctl()\n function, in 'drivers/gpu/drm/vmwgfx/vmwgfx_surface.c'\n file, a 'req-i1/4zmip_levels' is a user-controlled value\n which is later used as a loop count limit. This allows\n local unprivileged user to cause a denial of service by\n a kernel lockup via a crafted ioctl call for a\n '/dev/dri/renderD*' device.(CVE-2017-7346i1/4%0\n\n - It was found that the NFSv4 server in the Linux kernel\n did not properly validate layout type when processing\n NFSv4 pNFS LAYOUTGET and GETDEVICEINFO operands. A\n remote attacker could use this flaw to soft-lockup the\n system and thus cause denial of\n service.(CVE-2017-8797i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1482\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e3610568\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-4.19.28-1.2.117\",\n \"kernel-devel-4.19.28-1.2.117\",\n \"kernel-headers-4.19.28-1.2.117\",\n \"kernel-tools-4.19.28-1.2.117\",\n \"kernel-tools-libs-4.19.28-1.2.117\",\n \"kernel-tools-libs-devel-4.19.28-1.2.117\",\n \"perf-4.19.28-1.2.117\",\n \"python-perf-4.19.28-1.2.117\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "naslFamily": "Huawei Local Security Checks", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "solution": "Update the affected kernel packages.", "nessusSeverity": "High", "cvssScoreSource": "", "vpr": {"risk factor": "Critical", "score": "9.7"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2019-05-09T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": ["Core Impact", "Metasploit(Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation)"], "_state": {"dependencies": 1660012827, "score": 1659997277}, "_internal": {"score_hash": "3b7b093ed30c1ffc12555debe12e25a1"}, "vendor_cvss2": {}, "vendor_cvss3": {}}

{"openvas": [{"lastseen": "2020-02-05T16:38:04", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1482)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655", "CVE-2018-13098", "CVE-2014-7822", "CVE-2017-5577", "CVE-2017-7346", "CVE-2017-18075", "CVE-2017-5970", "CVE-2017-0523", "CVE-2017-8831", "CVE-2016-2547", "CVE-2018-16862", "CVE-2016-7425", "CVE-2017-1000112", "CVE-2014-9803", "CVE-2015-8374", "CVE-2014-0049", "CVE-2017-18216", "CVE-2017-8797", "CVE-2018-6554", "CVE-2018-20511"], "modified": "2020-02-05T00:00:00", "id": "OPENVAS:1361412562311220191482", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191482", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1482\");\n script_version(\"2020-02-05T08:56:28+0000\");\n script_cve_id(\"CVE-2014-0049\", \"CVE-2014-7822\", \"CVE-2014-9803\", \"CVE-2015-8374\", \"CVE-2016-2547\", \"CVE-2016-7425\", \"CVE-2016-8655\", \"CVE-2017-0523\", \"CVE-2017-1000112\", \"CVE-2017-18075\", \"CVE-2017-18216\", \"CVE-2017-5577\", \"CVE-2017-5970\", \"CVE-2017-7346\", \"CVE-2017-8797\", \"CVE-2017-8831\", \"CVE-2018-13098\", \"CVE-2018-16862\", \"CVE-2018-20511\", \"CVE-2018-6554\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-05 08:56:28 +0000 (Wed, 05 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:52:36 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1482)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1482\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1482\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1482 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An information-leak vulnerability was found in the kernel when it truncated a file to a smaller size which consisted of an inline extent that was compressed. The data between the new file size and the old file size was not discarded and the number of bytes used by the inode were not correctly decremented, which gave the wrong report for callers of the stat(2) syscall. This wasted metadata space and allowed for the truncated data to be leaked, and data corruption or loss to occur. A caller of the clone ioctl could exploit this flaw by using only standard file-system operations without root access to read the truncated data.(CVE-2015-8374)\n\ncrypto/pcrypt.c in the Linux kernel, before 4.14.13, mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.(CVE-2017-18075)\n\nAn elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-32835279. References: QC-CR#1096945.(CVE-2017-0523)\n\nThe saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.10.14 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability.(CVE-2017-8831)\n\nA flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system.(CVE-2014-7822)\n\nThe vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections allowing local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call.(CVE-2017-5577)\n\nIn fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used.(CVE-2017-18216) ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:28:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-08-16T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for kernel (openSUSE-SU-2017:2171-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000111", "CVE-2017-8831", "CVE-2017-1000112"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851593", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851593", "sourceData": "# Copyright (C) 2017 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851593\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-08-16 07:33:36 +0200 (Wed, 16 Aug 2017)\");\n script_cve_id(\"CVE-2017-1000111\", \"CVE-2017-1000112\", \"CVE-2017-8831\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for kernel (openSUSE-SU-2017:2171-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 42.3 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2017-1000111: Fixed a race condition in net-packet code that could\n be exploited to cause out-of-bounds memory access (bsc#1052365).\n\n - CVE-2017-1000112: Fixed a race condition in net-packet code that could\n have been exploited by unprivileged users to gain root access.\n (bsc#1052311).\n\n - CVE-2017-8831: The saa7164_bus_get function in\n drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed\n local users to cause a denial of service (out-of-bounds array access) or\n possibly have unspecified other impact by changing a certain\n sequence-number value, aka a 'double fetch' vulnerability (bnc#1037994).\n\n The following non-security bugs were fixed:\n\n - acpi/nfit: Add support of NVDIMM memory error notification in ACPI 6.2\n (bsc#1052325).\n\n - acpi/nfit: Issue Start ARS to retrieve existing records (bsc#1052325).\n\n - bcache: force trigger gc (bsc#1038078).\n\n - bcache: only recovery I/O error for writethrough mode (bsc#1043652).\n\n - block: do not allow updates through sysfs until registration completes\n (bsc#1047027).\n\n - config: disable CONFIG_RT_GROUP_SCHED (bsc#1052204).\n\n - drivers: hv: : As a bandaid, increase HV_UTIL_TIMEOUT from 30 to 60\n seconds (bnc#1039153)\n\n - drivers: hv: Fix a typo (fate#320485).\n\n - drivers: hv: util: Make hv_poll_channel() a little more efficient\n (fate#320485).\n\n - drivers: hv: vmbus: Close timing hole that can corrupt per-cpu page\n (fate#320485).\n\n - drivers: hv: vmbus: Fix error code returned by vmbus_post_msg()\n (fate#320485).\n\n - Fix kABI breakage with CONFIG_RT_GROUP_SCHED=n (bsc#1052204).\n\n - hv_netvsc: change netvsc device default duplex to FULL (fate#320485).\n\n - hv_netvsc: Fix the carrier state error when data path is off\n (fate#320485).\n\n - hv_netvsc: Remove unnecessary var link_state from struct\n netvsc_device_info (fate#320485).\n\n - hyperv: fix warning about missing prototype (fate#320485).\n\n - hyperv: netvsc: Neaten netvsc_send_pkt by using a temporary\n (fate#320485).\n\n - hyperv: remove unnecessary return variable (fate#320485).\n\n - i40e/i40evf: Fix use after free in Rx cleanup path (bsc#1051689).\n\n - IB/hfi1: Wait for QSFP modules to initialize (bsc#1019151).\n\n - ibmvnic: Check for transport event on driver resume (bsc#1051556,\n bsc#1052709).\n\n - ibmvnic: Initialize SCRQ's during login renegotiation (bsc#1052223).\n\n - ibmvnic: Report rx buffer return codes as netdev_dbg (bsc#1052794).\n\n - iommu/amd: Enable ga_log_intr when enabling guest_mode (bsc1052533).\n\n - iommu/amd: Fix schedule ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"Linux Kernel on openSUSE Leap 42.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2017:2171-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.4.79~19.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.4.79~19.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-pdf\", rpm:\"kernel-docs-pdf~4.4.79~19.2\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.4.79~19.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:28:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-08-16T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for kernel (openSUSE-SU-2017:2169-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000111", "CVE-2017-8831", "CVE-2017-1000112"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851594", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851594", "sourceData": "# Copyright (C) 2017 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851594\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2017-08-16 07:33:43 +0200 (Wed, 16 Aug 2017)\");\n script_cve_id(\"CVE-2017-1000111\", \"CVE-2017-1000112\", \"CVE-2017-8831\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for kernel (openSUSE-SU-2017:2169-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The openSUSE Leap 42.2 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2017-1000111: Fixed a race condition in net-packet code that could\n be exploited to cause out-of-bounds memory access (bsc#1052365).\n\n - CVE-2017-1000112: Fixed a race condition in net-packet code that could\n have been exploited by unprivileged users to gain root access.\n (bsc#1052311).\n\n - CVE-2017-8831: The saa7164_bus_get function in\n drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed\n local users to cause a denial of service (out-of-bounds array access) or\n possibly have unspecified other impact by changing a certain\n sequence-number value, aka a 'double fetch' vulnerability (bnc#1037994).\n\n The following non-security bugs were fixed:\n\n - IB/hfi1: Wait for QSFP modules to initialize (bsc#1019151).\n\n - bcache: force trigger gc (bsc#1038078).\n\n - bcache: only recovery I/O error for writethrough mode (bsc#1043652).\n\n - block: do not allow updates through sysfs until registration completes\n (bsc#1047027).\n\n - ibmvnic: Check for transport event on driver resume (bsc#1051556,\n bsc#1052709).\n\n - ibmvnic: Initialize SCRQ's during login renegotiation (bsc#1052223).\n\n - ibmvnic: Report rx buffer return codes as netdev_dbg (bsc#1052794).\n\n - iommu/amd: Fix schedule-while-atomic BUG in initialization code\n (bsc1052533).\n\n - libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify (bsc#1023175).\n\n - libnvdimm: fix badblock range handling of ARS range (bsc#1023175).\n\n - qeth: fix L3 next-hop im xmit qeth hdr (bnc#1052773, LTC#157374).\n\n - scsi_devinfo: fixup string compare (bsc#1037404).\n\n - scsi_dh_alua: suppress errors from unsupported devices (bsc#1038792).\n\n - vfs: fix missing inode_get_dev sites (bsc#1052049).\n\n - x86/dmi: Switch dmi_remap() from ioremap() to ioremap_cache()\n (bsc#1051399).\");\n\n script_tag(name:\"affected\", value:\"Linux Kernel on openSUSE Leap 42.2\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2017:2169-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.2\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.4.79~18.26.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.4.79~18.26.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.4.79~18.26.2\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.4.79~18.26.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.4.79~18.26.3\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.4.79~18.26.3\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs-pdf\", rpm:\"kernel-docs-pdf~4.4.79~18.26.3\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.4.79~18.26.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.4.79~18.26.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.4.79~18.26.1\", rls:\"openSUSELeap42.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-01T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-3144-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7425"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842971", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842971", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-ti-omap4 USN-3144-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842971\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-01 05:39:22 +0100 (Thu, 01 Dec 2016)\");\n script_cve_id(\"CVE-2016-7425\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-3144-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ti-omap4'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Marco Grassi discovered that the driver\n for Areca RAID Controllers in the Linux kernel did not properly validate control\n messages. A local attacker could use this to cause a denial of service (system\n crash) or possibly gain privileges.\");\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3144-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3144-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-1494-omap4\", ver:\"3.2.0-1494.121\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-omap4\", ver:\"3.2.0.1494.89\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2016-f3d1f79398", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7425"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310871956", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871956", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2016-f3d1f79398\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871956\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:21:43 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-7425\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2016-f3d1f79398\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-f3d1f79398\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ULST6C3AWXAAU7YZD4K47F2WMIYR5A25\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.8.0~0.rc7.git0.1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-01T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-3144-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7425"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842965", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842965", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-3144-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842965\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-01 05:39:05 +0100 (Thu, 01 Dec 2016)\");\n script_cve_id(\"CVE-2016-7425\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-3144-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Marco Grassi discovered that the driver\n for Areca RAID Controllers in the Linux kernel did not properly validate control\n messages. A local attacker could use this to cause a denial of service (system\n crash) or possibly gain privileges.\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3144-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3144-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-116-generic\", ver:\"3.2.0-116.158\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-116-generic-pae\", ver:\"3.2.0-116.158\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-116-highbank\", ver:\"3.2.0-116.158\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-116-omap\", ver:\"3.2.0-116.158\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-116-powerpc-smp\", ver:\"3.2.0-116.158\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-116-powerpc64-smp\", ver:\"3.2.0-116.158\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-116-virtual\", ver:\"3.2.0-116.158\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"3.2.0.116.132\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-pae\", ver:\"3.2.0.116.132\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-highbank\", ver:\"3.2.0.116.132\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-omap\", ver:\"3.2.0.116.132\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"3.2.0.116.132\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"3.2.0.116.132\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"3.2.0.116.132\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:18", "description": "Oracle Linux Local Security Checks ELSA-2015-0164-1", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-0164-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-7822"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123185", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123185", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-0164-1.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123185\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:00:26 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-0164-1\");\n script_tag(name:\"insight\", value:\"ELSA-2015-0164-1 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-0164-1\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-0164-1.html\");\n script_cve_id(\"CVE-2014-7822\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~402.0.0.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~402.0.0.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~402.0.0.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~402.0.0.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~402.0.0.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~402.0.0.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~402.0.0.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~402.0.0.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~402.0.0.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~402.0.0.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~402.0.0.0.1.el5~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~402.0.0.0.1.el5PAE~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~402.0.0.0.1.el5debug~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~402.0.0.0.1.el5xen~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~402.0.0.0.1.el5~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~402.0.0.0.1.el5PAE~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~402.0.0.0.1.el5debug~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~402.0.0.0.1.el5xen~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:20", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-02-11T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2015:0164-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-7822"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871312", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871312", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2015:0164-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871312\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-02-11 05:39:17 +0100 (Wed, 11 Feb 2015)\");\n script_cve_id(\"CVE-2014-7822\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Update for kernel RHSA-2015:0164-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n * A flaw was found in the way the Linux kernel's splice() system call\nvalidated its parameters. On certain file systems, a local, unprivileged\nuser could use this flaw to write past the maximum file size, and thus\ncrash the system. (CVE-2014-7822, Moderate)\n\nRed Hat would like to thank Akira Fujita of NEC for reporting this issue.\n\nThis update also fixes the following bugs:\n\n * Previously, hot-unplugging of a virtio-blk device could in some cases\nlead to a kernel panic, for example during in-flight I/O requests.\nThis update fixes race condition in the hot-unplug code in the\nvirtio_blk.ko module. As a result, hot unplugging of the virtio-blk device\nno longer causes the guest kernel oops when there are in-flight I/O\nrequests. (BZ#1006536)\n\n * Before this update, due to a bug in the error-handling path, a corrupted\nmetadata block could be used as a valid block. With this update, the error\nhandling path has been fixed and more checks have been added to verify the\nmetadata block. Now, when a corrupted metadata block is encountered, it is\nproperly marked as corrupted and handled accordingly. (BZ#1034403)\n\n * Previously, an incorrectly initialized variable resulted in a random\nvalue being stored in the variable that holds the number of default ACLs,\nand is sent in the SET_PATH_INFO data structure. Consequently, the setfacl\ncommand could, under certain circumstances, fail with an 'Invalid argument'\nerror. With this update, the variable is correctly initialized to zero,\nthus fixing the bug. (BZ#1105625)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\");\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:0164-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-February/msg00016.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~402.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~402.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~402.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~402.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~402.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~402.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~402.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~402.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~402.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~402.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~402.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~402.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~402.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~402.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~402.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:52", "description": "Oracle Linux Local Security Checks ELSA-2015-0164", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-0164", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-7822"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123186", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123186", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-0164.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123186\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:00:27 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-0164\");\n script_tag(name:\"insight\", value:\"ELSA-2015-0164 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-0164\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-0164.html\");\n script_cve_id(\"CVE-2014-7822\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~402.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~402.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~402.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~402.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~402.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~402.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~402.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~402.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~402.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~402.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~402.el5~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~402.el5PAE~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~402.el5debug~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~402.el5xen~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~402.el5~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~402.el5PAE~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~402.el5debug~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~402.el5xen~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:26", "description": "Check the version of kernel", "cvss3": {}, "published": "2015-02-12T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2015:0164 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-7822"], "modified": "2019-03-08T00:00:00", "id": "OPENVAS:1361412562310882118", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882118", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2015:0164 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882118\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-02-12 05:28:11 +0100 (Thu, 12 Feb 2015)\");\n script_cve_id(\"CVE-2014-7822\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Update for kernel CESA-2015:0164 centos5\");\n script_tag(name:\"summary\", value:\"Check the version of kernel\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n * A flaw was found in the way the Linux kernel's splice() system call\nvalidated its parameters. On certain file systems, a local, unprivileged\nuser could use this flaw to write past the maximum file size, and thus\ncrash the system. (CVE-2014-7822, Moderate)\n\nRed Hat would like to thank Akira Fujita of NEC for reporting this issue.\n\nThis update also fixes the following bugs:\n\n * Previously, hot-unplugging of a virtio-blk device could in some cases\nlead to a kernel panic, for example during in-flight I/O requests.\nThis update fixes race condition in the hot-unplug code in the\nvirtio_blk.ko module. As a result, hot unplugging of the virtio-blk device\nno longer causes the guest kernel oops when there are in-flight I/O\nrequests. (BZ#1006536)\n\n * Before this update, due to a bug in the error-handling path, a corrupted\nmetadata block could be used as a valid block. With this update, the error\nhandling path has been fixed and more checks have been added to verify the\nmetadata block. Now, when a corrupted metadata block is encountered, it is\nproperly marked as corrupted and handled accordingly. (BZ#1034403)\n\n * Previously, an incorrectly initialized variable resulted in a random\nvalue being stored in the variable that holds the number of default ACLs,\nand is sent in the SET_PATH_INFO data structure. Consequently, the setfacl\ncommand could, under certain circumstances, fail with an 'Invalid argument'\nerror. With this update, the variable is correctly initialized to zero,\nthus fixing the bug. (BZ#1105625)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:0164\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-February/020932.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~402.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~402.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~402.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~402.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~402.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~402.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~402.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~402.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~402.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~402.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-trusty USN-3149-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842983", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842983", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-lts-trusty USN-3149-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842983\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-06 05:39:46 +0100 (Tue, 06 Dec 2016)\");\n script_cve_id(\"CVE-2016-8655\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-lts-trusty USN-3149-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-trusty'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-3149-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu\n12.04 LTS.\n\nPhilip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker could use\nthis to cause a denial of service (system crash) or run arbitrary code with\nadministrative privileges.\");\n script_tag(name:\"affected\", value:\"linux-lts-trusty on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3149-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3149-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-105-generic\", ver:\"3.13.0-105.152~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-105-generic-lpae\", ver:\"3.13.0-105.152~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae-lts-trusty\", ver:\"3.13.0.105.96\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lts-trusty\", ver:\"3.13.0.105.96\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:32", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-3150-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842988", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842988", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-ti-omap4 USN-3150-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842988\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-06 05:39:51 +0100 (Tue, 06 Dec 2016)\");\n script_cve_id(\"CVE-2016-8655\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-3150-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ti-omap4'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Philip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker could use\nthis to cause a denial of service (system crash) or run arbitrary code with\nadministrative privileges.\");\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3150-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3150-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-1496-omap4\", ver:\"3.2.0-1496.123\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-omap4\", ver:\"3.2.0.1496.91\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-3149-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842980", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842980", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-3149-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842980\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-06 05:39:43 +0100 (Tue, 06 Dec 2016)\");\n script_cve_id(\"CVE-2016-8655\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-3149-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Philip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker could use\nthis to cause a denial of service (system crash) or run arbitrary code with\nadministrative privileges.\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3149-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3149-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-105-generic\", ver:\"3.13.0-105.152\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-105-generic-lpae\", ver:\"3.13.0-105.152\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-105-lowlatency\", ver:\"3.13.0-105.152\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-105-powerpc-e500\", ver:\"3.13.0-105.152\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-105-powerpc-e500mc\", ver:\"3.13.0-105.152\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-105-powerpc-smp\", ver:\"3.13.0-105.152\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-105-powerpc64-emb\", ver:\"3.13.0-105.152\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-105-powerpc64-smp\", ver:\"3.13.0-105.152\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"3.13.0.105.113\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"3.13.0.105.113\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"3.13.0.105.113\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500\", ver:\"3.13.0.105.113\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"3.13.0.105.113\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"3.13.0.105.113\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"3.13.0.105.113\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"3.13.0.105.113\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-3151-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842981", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842981", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-3151-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842981\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-06 05:39:44 +0100 (Tue, 06 Dec 2016)\");\n script_cve_id(\"CVE-2016-8655\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-3151-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Philip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker could use\nthis to cause a denial of service (system crash) or run arbitrary code with\nadministrative privileges.\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3151-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3151-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-53-generic\", ver:\"4.4.0-53.74\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-53-generic-lpae\", ver:\"4.4.0-53.74\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-53-lowlatency\", ver:\"4.4.0-53.74\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-53-powerpc-e500mc\", ver:\"4.4.0-53.74\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-53-powerpc-smp\", ver:\"4.4.0-53.74\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-53-powerpc64-emb\", ver:\"4.4.0-53.74\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-53-powerpc64-smp\", ver:\"4.4.0-53.74\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.4.0.53.56\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.4.0.53.56\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.4.0.53.56\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.4.0.53.56\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.4.0.53.56\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.4.0.53.56\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.4.0.53.56\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-raspi2 USN-3152-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842984", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842984", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-raspi2 USN-3152-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842984\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-06 05:39:46 +0100 (Tue, 06 Dec 2016)\");\n script_cve_id(\"CVE-2016-8655\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-raspi2 USN-3152-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-raspi2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Philip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker could use\nthis to cause a denial of service (system crash) or run arbitrary code with\nadministrative privileges.\");\n script_tag(name:\"affected\", value:\"linux-raspi2 on Ubuntu 16.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3152-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3152-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.10\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.8.0-1020-raspi2\", ver:\"4.8.0-1020.23\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.8.0.1020.23\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-snapdragon USN-3151-3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842986", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842986", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-snapdragon USN-3151-3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842986\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-06 05:39:48 +0100 (Tue, 06 Dec 2016)\");\n script_cve_id(\"CVE-2016-8655\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-snapdragon USN-3151-3\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-snapdragon'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Philip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker could use\nthis to cause a denial of service (system crash) or run arbitrary code with\nadministrative privileges.\");\n script_tag(name:\"affected\", value:\"linux-snapdragon on Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3151-3\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3151-3/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1039-snapdragon\", ver:\"4.4.0-1039.43\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.4.0.1039.31\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-raspi2 USN-3151-4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842987", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842987", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-raspi2 USN-3151-4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842987\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-06 05:39:49 +0100 (Tue, 06 Dec 2016)\");\n script_cve_id(\"CVE-2016-8655\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-raspi2 USN-3151-4\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-raspi2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Philip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker could use\nthis to cause a denial of service (system crash) or run arbitrary code with\nadministrative privileges.\");\n script_tag(name:\"affected\", value:\"linux-raspi2 on Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3151-4\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3151-4/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1034-raspi2\", ver:\"4.4.0-1034.41\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-raspi2\", ver:\"4.4.0.1034.33\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-xenial USN-3151-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842982", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842982", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-lts-xenial USN-3151-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842982\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-06 05:39:45 +0100 (Tue, 06 Dec 2016)\");\n script_cve_id(\"CVE-2016-8655\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-lts-xenial USN-3151-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-xenial'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-3151-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu\n14.04 LTS.\n\nPhilip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker could use\nthis to cause a denial of service (system crash) or run arbitrary code with\nadministrative privileges.\");\n script_tag(name:\"affected\", value:\"linux-lts-xenial on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3151-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3151-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-53-generic\", ver:\"4.4.0-53.74~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-53-generic-lpae\", ver:\"4.4.0-53.74~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-53-lowlatency\", ver:\"4.4.0-53.74~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-53-powerpc-e500mc\", ver:\"4.4.0-53.74~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-53-powerpc-smp\", ver:\"4.4.0-53.74~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-53-powerpc64-emb\", ver:\"4.4.0-53.74~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-53-powerpc64-smp\", ver:\"4.4.0-53.74~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae-lts-xenial\", ver:\"4.4.0.53.40\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lts-xenial\", ver:\"4.4.0.53.40\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency-lts-xenial\", ver:\"4.4.0.53.40\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc-lts-xenial\", ver:\"4.4.0.53.40\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp-lts-xenial\", ver:\"4.4.0.53.40\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb-lts-xenial\", ver:\"4.4.0.53.40\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp-lts-xenial\", ver:\"4.4.0.53.40\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-3150-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842985", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842985", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-3150-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842985\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-06 05:39:47 +0100 (Tue, 06 Dec 2016)\");\n script_cve_id(\"CVE-2016-8655\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-3150-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Philip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker could use\nthis to cause a denial of service (system crash) or run arbitrary code with\nadministrative privileges.\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3150-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3150-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-118-generic\", ver:\"3.2.0-118.161\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-118-generic-pae\", ver:\"3.2.0-118.161\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-118-highbank\", ver:\"3.2.0-118.161\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-118-omap\", ver:\"3.2.0-118.161\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-118-powerpc-smp\", ver:\"3.2.0-118.161\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-118-powerpc64-smp\", ver:\"3.2.0-118.161\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-118-virtual\", ver:\"3.2.0-118.161\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"3.2.0.118.133\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-pae\", ver:\"3.2.0.118.133\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-highbank\", ver:\"3.2.0.118.133\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-omap\", ver:\"3.2.0.118.133\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"3.2.0.118.133\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"3.2.0.118.133\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"3.2.0.118.133\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-06T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-3152-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842979", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842979", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-3152-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842979\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-06 05:39:42 +0100 (Tue, 06 Dec 2016)\");\n script_cve_id(\"CVE-2016-8655\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-3152-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Philip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker could use\nthis to cause a denial of service (system crash) or run arbitrary code with\nadministrative privileges.\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 16.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3152-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3152-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.10\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU16.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.8.0-30-generic\", ver:\"4.8.0-30.32\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.8.0-30-generic-lpae\", ver:\"4.8.0-30.32\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.8.0-30-lowlatency\", ver:\"4.8.0-30.32\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.8.0-30-powerpc-e500mc\", ver:\"4.8.0-30.32\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.8.0-30-powerpc-smp\", ver:\"4.8.0-30.32\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.8.0-30-powerpc64-emb\", ver:\"4.8.0-30.32\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.8.0.30.39\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.8.0.30.39\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.8.0.30.39\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.8.0.30.39\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.8.0.30.39\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.8.0.30.39\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2017-08-15T23:07:22", "description": "The openSUSE Leap 42.2 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2017-1000111: Fixed a race condition in net-packet code that could\n be exploited to cause out-of-bounds memory access (bsc#1052365).\n - CVE-2017-1000112: Fixed a race condition in net-packet code that could\n have been exploited by unprivileged users to gain root access.\n (bsc#1052311).\n - CVE-2017-8831: The saa7164_bus_get function in\n drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed\n local users to cause a denial of service (out-of-bounds array access) or\n possibly have unspecified other impact by changing a certain\n sequence-number value, aka a "double fetch" vulnerability (bnc#1037994).\n\n The following non-security bugs were fixed:\n\n - IB/hfi1: Wait for QSFP modules to initialize (bsc#1019151).\n - bcache: force trigger gc (bsc#1038078).\n - bcache: only recovery I/O error for writethrough mode (bsc#1043652).\n - block: do not allow updates through sysfs until registration completes\n (bsc#1047027).\n - ibmvnic: Check for transport event on driver resume (bsc#1051556,\n bsc#1052709).\n - ibmvnic: Initialize SCRQ's during login renegotiation (bsc#1052223).\n - ibmvnic: Report rx buffer return codes as netdev_dbg (bsc#1052794).\n - iommu/amd: Fix schedule-while-atomic BUG in initialization code\n (bsc1052533).\n - libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify (bsc#1023175).\n - libnvdimm: fix badblock range handling of ARS range (bsc#1023175).\n - qeth: fix L3 next-hop im xmit qeth hdr (bnc#1052773, LTC#157374).\n - scsi_devinfo: fixup string compare (bsc#1037404).\n - scsi_dh_alua: suppress errors from unsupported devices (bsc#1038792).\n - vfs: fix missing inode_get_dev sites (bsc#1052049).\n - x86/dmi: Switch dmi_remap() from ioremap() to ioremap_cache()\n (bsc#1051399).\n\n", "cvss3": {}, "published": "2017-08-15T21:06:55", "type": "suse", "title": "Security update for the Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-1000111", "CVE-2017-8831", "CVE-2017-1000112"], "modified": "2017-08-15T21:06:55", "id": "OPENSUSE-SU-2017:2169-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-08/msg00046.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-08-15T23:07:23", "description": "The openSUSE Leap 42.3 kernel was updated to receive various security and\n bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2017-1000111: Fixed a race condition in net-packet code that could\n be exploited to cause out-of-bounds memory access (bsc#1052365).\n - CVE-2017-1000112: Fixed a race condition in net-packet code that could\n have been exploited by unprivileged users to gain root access.\n (bsc#1052311).\n - CVE-2017-8831: The saa7164_bus_get function in\n drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed\n local users to cause a denial of service (out-of-bounds array access) or\n possibly have unspecified other impact by changing a certain\n sequence-number value, aka a "double fetch" vulnerability (bnc#1037994).\n\n The following non-security bugs were fixed:\n\n - acpi/nfit: Add support of NVDIMM memory error notification in ACPI 6.2\n (bsc#1052325).\n - acpi/nfit: Issue Start ARS to retrieve existing records (bsc#1052325).\n - bcache: force trigger gc (bsc#1038078).\n - bcache: only recovery I/O error for writethrough mode (bsc#1043652).\n - block: do not allow updates through sysfs until registration completes\n (bsc#1047027).\n - config: disable CONFIG_RT_GROUP_SCHED (bsc#1052204).\n - drivers: hv: : As a bandaid, increase HV_UTIL_TIMEOUT from 30 to 60\n seconds (bnc#1039153)\n - drivers: hv: Fix a typo (fate#320485).\n - drivers: hv: util: Make hv_poll_channel() a little more efficient\n (fate#320485).\n - drivers: hv: vmbus: Close timing hole that can corrupt per-cpu page\n (fate#320485).\n - drivers: hv: vmbus: Fix error code returned by vmbus_post_msg()\n (fate#320485).\n - Fix kABI breakage with CONFIG_RT_GROUP_SCHED=n (bsc#1052204).\n - hv_netvsc: change netvsc device default duplex to FULL (fate#320485).\n - hv_netvsc: Fix the carrier state error when data path is off\n (fate#320485).\n - hv_netvsc: Remove unnecessary var link_state from struct\n netvsc_device_info (fate#320485).\n - hyperv: fix warning about missing prototype (fate#320485).\n - hyperv: netvsc: Neaten netvsc_send_pkt by using a temporary\n (fate#320485).\n - hyperv: remove unnecessary return variable (fate#320485).\n - i40e/i40evf: Fix use after free in Rx cleanup path (bsc#1051689).\n - IB/hfi1: Wait for QSFP modules to initialize (bsc#1019151).\n - ibmvnic: Check for transport event on driver resume (bsc#1051556,\n bsc#1052709).\n - ibmvnic: Initialize SCRQ's during login renegotiation (bsc#1052223).\n - ibmvnic: Report rx buffer return codes as netdev_dbg (bsc#1052794).\n - iommu/amd: Enable ga_log_intr when enabling guest_mode (bsc1052533).\n - iommu/amd: Fix schedule-while-atomic BUG in initialization code\n (bsc1052533).\n - KABI protect struct acpi_nfit_desc (bsc#1052325).\n - kabi/severities: add drivers/scsi/hisi_sas to kabi severities\n - libnvdimm: fix badblock range handling of ARS range (bsc#1023175).\n - libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify (bsc#1023175).\n - net: add netdev_lockdep_set_classes() helper (fate#320485).\n - net: hyperv: use new api ethtool_{get|set}_link_ksettings (fate#320485).\n - net/mlx4_core: Fixes missing capability bit in flags2 capability dump\n (bsc#1015337).\n - net/mlx4_core: Fix namespace misalignment in QinQ VST support commit\n (bsc#1015337).\n - net/mlx4_core: Fix sl_to_vl_change bit offset in flags2 dump\n (bsc#1015337).\n - netsvc: Remove upstream commit e14b4db7a567 netvsc: fix race during\n initialization will be replaced by following changes\n - netsvc: Revert "netvsc: optimize calculation of number of slots"\n (fate#320485).\n - netvsc: add comments about callback's and NAPI (fate#320485).\n - netvsc: Add #include's for csum_* function declarations (fate#320485).\n - netvsc: add rtnl annotations in rndis (fate#320485).\n - netvsc: add some rtnl_dereference annotations (fate#320485).\n - netvsc: avoid race with callback (fate#320485).\n - netvsc: change logic for change mtu and set_queues (fate#320485).\n - netvsc: change max channel calculation (fate#320485).\n - netvsc: change order of steps in setting queues (fate#320485).\n - netvsc: Deal with rescinded channels correctly (fate#320485).\n - netvsc: do not access netdev-&gt;num_rx_queues directly (fate#320485).\n - netvsc: do not overload variable in same function (fate#320485).\n - netvsc: do not print pointer value in error message (fate#320485).\n - netvsc: eliminate unnecessary skb == NULL checks (fate#320485).\n - netvsc: enable GRO (fate#320485).\n - netvsc: Fix a bug in sub-channel handling (fate#320485).\n - netvsc: fix and cleanup rndis_filter_set_packet_filter (fate#320485).\n - netvsc: fix calculation of available send sections (fate#320485).\n - netvsc: fix dereference before null check errors (fate#320485).\n - netvsc: fix error unwind on device setup failure (fate#320485).\n - netvsc: fix hang on netvsc module removal (fate#320485).\n - netvsc: fix NAPI performance regression (fate#320485).\n - netvsc: fix net poll mode (fate#320485).\n - netvsc: fix netvsc_set_channels (fate#320485).\n - netvsc: fix ptr_ret.cocci warnings (fate#320485).\n - netvsc: fix rcu dereference warning from ethtool (fate#320485).\n - netvsc: fix RCU warning in get_stats (fate#320485).\n - netvsc: fix return value for set_channels (fate#320485).\n - netvsc: fix rtnl deadlock on unregister of vf (fate#320485, bsc#1052442).\n - netvsc: fix use after free on module removal (fate#320485).\n - netvsc: fix warnings reported by lockdep (fate#320485).\n - netvsc: fold in get_outbound_net_device (fate#320485).\n - netvsc: force link update after MTU change (fate#320485).\n - netvsc: handle offline mtu and channel change (fate#320485).\n - netvsc: implement NAPI (fate#320485).\n - netvsc: include rtnetlink.h (fate#320485).\n - netvsc: Initialize all channel related state prior to opening the\n channel (fate#320485).\n - netvsc: make sure and unregister datapath (fate#320485, bsc#1052899).\n - netvsc: make sure napi enabled before vmbus_open (fate#320485).\n - netvsc: mark error cases as unlikely (fate#320485).\n - netvsc: move filter setting to rndis_device (fate#320485).\n - netvsc: need napi scheduled during removal (fate#320485).\n - netvsc: need rcu_derefence when accessing internal device info\n (fate#320485).\n - netvsc: optimize calculation of number of slots (fate#320485).\n - netvsc: optimize receive completions (fate#320485).\n - netvsc: pass net_device to netvsc_init_buf and netvsc_connect_vsp\n (fate#320485).\n - netvsc: prefetch the first incoming ring element (fate#320485).\n - netvsc: Properly initialize the return value (fate#320485).\n - netvsc: remove bogus rtnl_unlock (fate#320485).\n - netvsc: remove no longer used max_num_rss queues (fate#320485).\n - netvsc: Remove redundant use of ipv6_hdr() (fate#320485).\n - netvsc: remove unnecessary indirection of page_buffer (fate#320485).\n - netvsc: remove unnecessary lock on shutdown (fate#320485).\n - netvsc: remove unused #define (fate#320485).\n - netvsc: replace netdev_alloc_skb_ip_align with napi_alloc_skb\n (fate#320485).\n - netvsc: save pointer to parent netvsc_device in channel table\n (fate#320485).\n - netvsc: signal host if receive ring is emptied (fate#320485).\n - netvsc: transparent VF management (fate#320485, bsc#1051979).\n - netvsc: use ERR_PTR to avoid dereference issues (fate#320485).\n - netvsc: use hv_get_bytes_to_read (fate#320485).\n - netvsc: use napi_consume_skb (fate#320485).\n - netvsc: use RCU to protect inner device structure (fate#320485).\n - netvsc: uses RCU instead of removal flag (fate#320485).\n - netvsc: use typed pointer for internal state (fate#320485).\n - nvme: fabrics commands should use the fctype field for data direction\n (bsc#1043805).\n - powerpc/perf: Fix SDAR_MODE value for continous sampling on Power9\n (bsc#1053043 (git-fixes)).\n - powerpc/tm: Fix saving of TM SPRs in core dump (fate#318470, git-fixes\n 08e1c01d6aed).\n - qeth: fix L3 next-hop im xmit qeth hdr (bnc#1052773, LTC#157374).\n - rdma/bnxt_re: checking for NULL instead of IS_ERR() (bsc#1052925).\n - scsi: aacraid: fix PCI error recovery path (bsc#1048912).\n - scsi_devinfo: fixup string compare (bsc#1037404).\n - scsi_dh_alua: suppress errors from unsupported devices (bsc#1038792).\n - scsi: hisi_sas: add pci_dev in hisi_hba struct (bsc#1049298).\n - scsi: hisi_sas: add v2 hw internal abort timeout workaround\n (bsc#1049298).\n - scsi: hisi_sas: controller reset for multi-bits ECC and AXI fatal errors\n (bsc#1049298).\n - scsi: hisi_sas: fix NULL deference when TMF timeouts (bsc#1049298).\n - scsi: hisi_sas: fix timeout check in hisi_sas_internal_task_abort()\n (bsc#1049298).\n - scsi: hisi_sas: optimise DMA slot memory (bsc#1049298).\n - scsi: hisi_sas: optimise the usage of hisi_hba.lock (bsc#1049298).\n - scsi: hisi_sas: relocate get_ata_protocol() (bsc#1049298).\n - scsi: hisi_sas: workaround a SoC SATA IO processing bug (bsc#1049298).\n - scsi: hisi_sas: workaround SoC about abort timeout bug (bsc#1049298).\n - scsi: hisi_sas: workaround STP link SoC bug (bsc#1049298).\n - scsi: lpfc: do not double count abort errors (bsc#1048912).\n - scsi: lpfc: fix linking against modular NVMe support (bsc#1048912).\n - scsi: qedi: Fix return code in qedi_ep_connect() (bsc#1048912).\n - scsi: storvsc: Prefer kcalloc over kzalloc with multiply (fate#320485).\n - scsi: storvsc: remove return at end of void function (fate#320485).\n - tools: hv: Add clean up for included files in Ubuntu net config\n (fate#320485).\n - tools: hv: Add clean up function for Ubuntu config (fate#320485).\n - tools: hv: properly handle long paths (fate#320485).\n - tools: hv: set allow-hotplug for VF on Ubuntu (fate#320485).\n - tools: hv: set hotplug for VF on Suse (fate#320485).\n - tools: hv: vss: Thaw the filesystem and continue if freeze call has\n timed out (fate#320485).\n - vfs: fix missing inode_get_dev sites (bsc#1052049).\n - vmbus: cleanup header file style (fate#320485).\n - vmbus: expose debug info for drivers (fate#320485).\n - vmbus: fix spelling errors (fate#320485).\n - vmbus: introduce in-place packet iterator (fate#320485).\n - vmbus: only reschedule tasklet if time limit exceeded (fate#320485).\n - vmbus: re-enable channel tasklet (fate#320485).\n - vmbus: remove unnecessary initialization (fate#320485).\n - vmbus: remove useless return's (fate#320485).\n - x86/dmi: Switch dmi_remap() from ioremap() to ioremap_cache()\n (bsc#1051399).\n - x86/hyperv: Check frequency MSRs presence according to the specification\n (fate#320485).\n - The package release number was increased to be higher than the Leap 42.2\n package (boo#1053531).\n\n", "cvss3": {}, "published": "2017-08-15T21:10:23", "type": "suse", "title": "Security update for the Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-1000111", "CVE-2017-8831", "CVE-2017-1000112"], "modified": "2017-08-15T21:10:23", "id": "OPENSUSE-SU-2017:2171-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-08/msg00047.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-01T23:21:19", "description": "This update for the Linux Kernel 4.4.74-92_38 fixes several issues.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n Non security issue fixed:\n\n - btrfs: account for pinned bytes in should_alloc_chunk (bsc#1077268)\n\n", "cvss3": {}, "published": "2018-03-01T21:13:03", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 13 for SLE 12 SP2) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-01T21:13:03", "id": "SUSE-SU-2018:0579-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00010.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-03T03:21:19", "description": "This update for the Linux Kernel 4.4.82-6_6 fixes one issue.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n", "cvss3": {}, "published": "2018-03-03T00:12:30", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 2 for SLE 12 SP3) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-03T00:12:30", "id": "SUSE-SU-2018:0597-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00021.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-03T02:11:33", "description": "This update for the Linux Kernel 4.4.82-6_9 fixes one issue.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n", "cvss3": {}, "published": "2018-03-03T00:08:39", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 3 for SLE 12 SP3) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-03T00:08:39", "id": "SUSE-SU-2018:0590-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00014.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-03T02:11:33", "description": "This update for the Linux Kernel 4.4.90-6_12 fixes several issues.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n Non security issue fixed:\n\n - btrfs: account for pinned bytes in should_alloc_chunk (bsc#1077268)\n\n", "cvss3": {}, "published": "2018-03-03T00:09:41", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 4 for SLE 12 SP3) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-03T00:09:41", "id": "SUSE-SU-2018:0592-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00016.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-02T01:21:14", "description": "This update for the Linux Kernel 4.4.74-92_32 fixes several issues.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n Non security issue fixed:\n\n - btrfs: account for pinned bytes in should_alloc_chunk (bsc#1077268)\n\n", "cvss3": {}, "published": "2018-03-01T21:21:08", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 11 for SLE 12 SP2) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-01T21:21:08", "id": "SUSE-SU-2018:0584-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00012.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-03T03:21:19", "description": "This update for the Linux Kernel 4.4.82-6_3 fixes one issue.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n", "cvss3": {}, "published": "2018-03-03T00:11:21", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 1 for SLE 12 SP3) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-03T00:11:21", "id": "SUSE-SU-2018:0595-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00019.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-03T03:21:19", "description": "This update for the Linux Kernel 4.4.92-6_30 fixes several issues.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n Non security issue fixed:\n\n - btrfs: account for pinned bytes in should_alloc_chunk (bsc#1077268)\n\n", "cvss3": {}, "published": "2018-03-03T00:11:52", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 5 for SLE 12 SP3) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-03T00:11:52", "id": "SUSE-SU-2018:0596-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00020.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-01T17:23:44", "description": "This update for the Linux Kernel 4.4.49-92_11 fixes one issue.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n", "cvss3": {}, "published": "2018-03-01T15:08:02", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 5 for SLE 12 SP2) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-01T15:08:02", "id": "SUSE-SU-2018:0568-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00000.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-01T23:21:18", "description": "This update for the Linux Kernel 4.4.74-92_29 fixes several issues.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n Non security issue fixed:\n\n - btrfs: account for pinned bytes in should_alloc_chunk (bsc#1077268)\n\n", "cvss3": {}, "published": "2018-03-01T21:10:47", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 10 for SLE 12 SP2) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-01T21:10:47", "id": "SUSE-SU-2018:0575-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00006.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-01T23:21:19", "description": "This update for the Linux Kernel 4.4.59-92_24 fixes one issue.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n", "cvss3": {}, "published": "2018-03-01T21:11:56", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 9 for SLE 12 SP2) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-01T21:11:56", "id": "SUSE-SU-2018:0577-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00008.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-01T23:21:19", "description": "This update for the Linux Kernel 4.4.59-92_20 fixes one issue.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n", "cvss3": {}, "published": "2018-03-01T21:10:13", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP2) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-01T21:10:13", "id": "SUSE-SU-2018:0574-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00005.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-01T23:21:19", "description": "This update for the Linux Kernel 4.4.103-92_56 fixes several issues.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n Non security issue fixed:\n\n - btrfs: account for pinned bytes in should_alloc_chunk (bsc#1077268)\n\n", "cvss3": {}, "published": "2018-03-01T21:19:34", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP2) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-01T21:19:34", "id": "SUSE-SU-2018:0582-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00011.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-01T23:21:19", "description": "This update for the Linux Kernel 4.4.90-92_45 fixes several issues.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n Non security issue fixed:\n\n - btrfs: account for pinned bytes in should_alloc_chunk (bsc#1077268)\n\n", "cvss3": {}, "published": "2018-03-01T21:09:06", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 14 for SLE 12 SP2) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-01T21:09:06", "id": "SUSE-SU-2018:0572-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00003.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-01T23:21:19", "description": "This update for the Linux Kernel 4.4.49-92_14 fixes one issue.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n", "cvss3": {}, "published": "2018-03-01T21:11:27", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 6 for SLE 12 SP2) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-01T21:11:27", "id": "SUSE-SU-2018:0576-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00007.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-02T17:21:20", "description": "This update for the Linux Kernel 4.4.74-92_35 fixes several issues.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n Non security issue fixed:\n\n - btrfs: account for pinned bytes in should_alloc_chunk (bsc#1077268)\n\n", "cvss3": {}, "published": "2018-03-02T15:09:32", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 12 for SLE 12 SP2) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-02T15:09:32", "id": "SUSE-SU-2018:0586-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00013.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-03T03:21:19", "description": "This update for the Linux Kernel 4.4.103-6_38 fixes one issue.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n", "cvss3": {}, "published": "2018-03-03T00:10:17", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 7 for SLE 12 SP3) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-03T00:10:17", "id": "SUSE-SU-2018:0593-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00017.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-01T23:21:18", "description": "This update for the Linux Kernel 4.4.103-92_53 fixes several issues.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n Non security issue fixed:\n\n - btrfs: account for pinned bytes in should_alloc_chunk (bsc#1077268)\n\n", "cvss3": {}, "published": "2018-03-01T21:12:25", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 16 for SLE 12 SP2) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-01T21:12:25", "id": "SUSE-SU-2018:0578-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00009.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-03T03:21:19", "description": "This update for the Linux Kernel 4.4.103-6_33 fixes one issue.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n", "cvss3": {}, "published": "2018-03-03T00:10:48", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 6 for SLE 12 SP3) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-03T00:10:48", "id": "SUSE-SU-2018:0594-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00018.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-03T02:11:33", "description": "This update for the Linux Kernel 4.4.90-92_50 fixes several issues.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n Non-security issue fixed:\n\n - btrfs: account for pinned bytes in should_alloc_chunk (bsc#1077268)\n\n", "cvss3": {}, "published": "2018-03-03T00:09:06", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP2) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-03T00:09:06", "id": "SUSE-SU-2018:0591-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00015.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-01T23:21:19", "description": "This update for the Linux Kernel 4.4.59-92_17 fixes one issue.\n\n The following security issue was fixed:\n\n - CVE-2017-18075: crypto/pcrypt.c in the Linux kernel mishandled freeing\n instances, allowing a local user able to access the AF_ALG-based AEAD\n interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt\n (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an\n incorrect pointer) or possibly have unspecified other impact by\n executing a crafted sequence of system calls (bsc#1077404).\n\n", "cvss3": {}, "published": "2018-03-01T21:09:42", "type": "suse", "title": "Security update for the Linux Kernel (Live Patch 7 for SLE 12 SP2) (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-18075"], "modified": "2018-03-01T21:09:42", "id": "SUSE-SU-2018:0573-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-03/msg00004.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-03-21T03:16:45", "description": "This update for the Linux Kernel 4.4.21-84 fixes several issues.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n The following non-security bug was fixed:\n - Fix for a "Data miscompare on a read" which was observed during the\n rebuilding of degraded MDRAID VDs. (bsc#1025254)\n\n", "cvss3": {}, "published": "2017-03-21T03:08:49", "type": "suse", "title": "Security update for Linux Kernel Live Patch 2 for SLE 12 SP2 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T03:08:49", "id": "SUSE-SU-2017:0778-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00036.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-20T23:16:43", "description": "This update for the Linux Kernel 3.12.67-60_64_21 fixes several issues.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n The following non-security bug was fixed:\n - Fix for a "Data miscompare on a read" which was observed during the\n rebuilding of degraded MDRAID VDs. (bsc#1025254)\n\n", "cvss3": {}, "published": "2017-03-21T00:08:59", "type": "suse", "title": "Security update for Linux Kernel Live Patch 10 for SLE 12 SP1 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T00:08:59", "id": "SUSE-SU-2017:0764-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00020.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-21T03:16:45", "description": "This update for the Linux Kernel 4.4.21-81 fixes several issues.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n The following non-security bug was fixed:\n - Fix for a "Data miscompare on a read" which was observed during the\n rebuilding of degraded MDRAID VDs. (bsc#1025254)\n\n", "cvss3": {}, "published": "2017-03-21T03:08:16", "type": "suse", "title": "Security update for Linux Kernel Live Patch 1 for SLE 12 SP2 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T03:08:16", "id": "SUSE-SU-2017:0777-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00035.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-20T23:16:44", "description": "This update for the Linux Kernel 3.12.67-60_64_18 fixes several issues.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n The following non-security bug was fixed:\n - Fix for a "Data miscompare on a read" which was observed during the\n rebuilding of degraded MDRAID VDs. (bsc#1025254)\n\n", "cvss3": {}, "published": "2017-03-21T00:12:59", "type": "suse", "title": "Security update for Linux Kernel Live Patch 9 for SLE 12 SP1 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T00:12:59", "id": "SUSE-SU-2017:0773-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00028.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-20T23:16:44", "description": "This update for the Linux Kernel 3.12.62-60_62 fixes one issue.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n", "cvss3": {}, "published": "2017-03-21T00:07:59", "type": "suse", "title": "Security update for Linux Kernel Live Patch 7 for SLE 12 SP1 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T00:07:59", "id": "SUSE-SU-2017:0760-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00019.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-21T21:16:49", "description": "This update for the Linux Kernel 3.12.69-60_64_29 fixes several issues.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n The following non-security bug was fixed:\n - Fix for a "Data miscompare on a read" which was observed during the\n rebuilding of degraded MDRAID VDs. (bsc#1025254)\n\n", "cvss3": {}, "published": "2017-03-21T21:07:25", "type": "suse", "title": "Security update for Linux Kernel Live Patch 12 for SLE 12 SP1 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T21:07:25", "id": "SUSE-SU-2017:0786-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00040.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-21T03:16:45", "description": "This update for the Linux Kernel 3.12.67-60_64_24 fixes several issues.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n The following non-security bug was fixed:\n - Fix for a "Data miscompare on a read" which was observed during the\n rebuilding of degraded MDRAID VDs. (bsc#1025254)\n\n", "cvss3": {}, "published": "2017-03-21T03:07:42", "type": "suse", "title": "Security update for Linux Kernel Live Patch 11 for SLE 12 SP1 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T03:07:42", "id": "SUSE-SU-2017:0776-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00034.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-21T03:16:45", "description": "This update for the Linux Kernel 4.4.38-93 fixes several issues.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n The following non-security bug was fixed:\n - Fix for a "Data miscompare on a read" which was observed during the\n rebuilding of degraded MDRAID VDs. (bsc#1025254)\n\n", "cvss3": {}, "published": "2017-03-21T03:09:24", "type": "suse", "title": "Security update for Linux Kernel Live Patch 4 for SLE 12 SP2 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T03:09:24", "id": "SUSE-SU-2017:0779-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00039.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-20T23:16:44", "description": "This update for the Linux Kernel 4.4.21-69 fixes several issues.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n The following non-security bug was fixed:\n - Fix for a "Data miscompare on a read" which was observed during the\n rebuilding of degraded MDRAID VDs. (bsc#1025254)\n\n", "cvss3": {}, "published": "2017-03-21T00:10:23", "type": "suse", "title": "Security update for Linux Kernel Live Patch 0 for SLE 12 SP2 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T00:10:23", "id": "SUSE-SU-2017:0768-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00023.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-21T01:16:43", "description": "This update for the Linux Kernel 3.12.59-60_41 fixes one issue.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n", "cvss3": {}, "published": "2017-03-21T00:08:30", "type": "suse", "title": "Security update for Linux Kernel Live Patch 5 for SLE 12 SP1 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T00:08:30", "id": "SUSE-SU-2017:0762-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00032.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-21T03:16:45", "description": "This update for the Linux Kernel 4.4.21-90 fixes several issues.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n The following non-security bug was fixed:\n - Fix for a "Data miscompare on a read" which was observed during the\n rebuilding of degraded MDRAID VDs. (bsc#1025254)\n\n", "cvss3": {}, "published": "2017-03-21T03:10:17", "type": "suse", "title": "Security update for Linux Kernel Live Patch 3 for SLE 12 SP2 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T03:10:17", "id": "SUSE-SU-2017:0781-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00038.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-20T23:16:45", "description": "This update for the Linux Kernel 3.12.59-60_45 fixes one issue.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n", "cvss3": {}, "published": "2017-03-21T00:13:40", "type": "suse", "title": "Security update for Linux Kernel Live Patch 6 for SLE 12 SP1 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T00:13:40", "id": "SUSE-SU-2017:0775-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00030.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-20T23:16:43", "description": "This update for the Linux Kernel 3.12.60-52_63 fixes one issue.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n", "cvss3": {}, "published": "2017-03-21T00:09:37", "type": "suse", "title": "Security update for Linux Kernel Live Patch 18 for SLE 12 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T00:09:37", "id": "SUSE-SU-2017:0766-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00022.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-20T23:16:43", "description": "This update for the Linux Kernel 3.12.60-52_54 fixes one issue.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n", "cvss3": {}, "published": "2017-03-21T00:09:52", "type": "suse", "title": "Security update for Linux Kernel Live Patch 15 for SLE 12 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T00:09:52", "id": "SUSE-SU-2017:0767-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00024.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-20T23:16:43", "description": "This update for the Linux Kernel 3.12.60-52_49 fixes one issue.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n", "cvss3": {}, "published": "2017-03-21T00:11:04", "type": "suse", "title": "Security update for Linux Kernel Live Patch 14 for SLE 12 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T00:11:04", "id": "SUSE-SU-2017:0769-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00025.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-20T23:16:43", "description": "This update for the Linux Kernel 3.12.60-52_60 fixes one issue.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n", "cvss3": {}, "published": "2017-03-21T00:12:15", "type": "suse", "title": "Security update for Linux Kernel Live Patch 17 for SLE 12 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T00:12:15", "id": "SUSE-SU-2017:0772-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00027.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-21T03:16:45", "description": "This update for the Linux Kernel 3.12.61-52_66 fixes one issue.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n", "cvss3": {}, "published": "2017-03-21T03:09:54", "type": "suse", "title": "Security update for Linux Kernel Live Patch 19 for SLE 12 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T03:09:54", "id": "SUSE-SU-2017:0780-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00037.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-20T23:16:44", "description": "This update for the Linux Kernel 3.12.55-52_42 fixes one issue.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n", "cvss3": {}, "published": "2017-03-21T00:11:53", "type": "suse", "title": "Security update for Linux Kernel Live Patch 12 for SLE 12 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T00:11:53", "id": "SUSE-SU-2017:0771-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00026.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-21T01:16:43", "description": "This update for the Linux Kernel 3.12.62-60_64_8 fixes one issue.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n", "cvss3": {}, "published": "2017-03-21T00:08:44", "type": "suse", "title": "Security update for Linux Kernel Live Patch 8 for SLE 12 SP1 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T00:08:44", "id": "SUSE-SU-2017:0763-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00031.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-20T23:16:44", "description": "This update for the Linux Kernel 3.12.55-52_45 fixes one issue.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n", "cvss3": {}, "published": "2017-03-21T00:07:44", "type": "suse", "title": "Security update for Linux Kernel Live Patch 13 for SLE 12 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T00:07:44", "id": "SUSE-SU-2017:0759-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00018.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-21T01:16:43", "description": "This update for the Linux Kernel 3.12.60-52_57 fixes one issue.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n", "cvss3": {}, "published": "2017-03-21T00:11:29", "type": "suse", "title": "Security update for Linux Kernel Live Patch 16 for SLE 12 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T00:11:29", "id": "SUSE-SU-2017:0770-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00033.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-03-20T23:16:45", "description": "This update for the Linux Kernel 3.12.57-60_35 fixes one issue.\n\n The following security bug was fixed:\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a\n denial of service (system crash) via (1) an application that made\n crafted system calls or possibly (2) IPv4 traffic with invalid IP\n options (bsc#1025013).\n\n", "cvss3": {}, "published": "2017-03-21T00:13:25", "type": "suse", "title": "Security update for Linux Kernel Live Patch 4 for SLE 12 SP1 (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-03-21T00:13:25", "id": "SUSE-SU-2017:0774-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-03/msg00029.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-02-20T15:00:05", "description": "The SUSE Linux Enterprise 12 SP1 kernel was updated to fix the following\n two issues:\n\n - CVE-2017-5970: Remote attackers could have potentially caused a denial\n of service by sending bad IP options on a socket (bsc#1024938)\n - Fix a regression in MD RAID1 which could have caused wrong data to be\n read (bsc#1020048)\n\n", "cvss3": {}, "published": "2017-02-20T15:10:18", "type": "suse", "title": "Security update for the Linux Kernel (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2017-5970"], "modified": "2017-02-20T15:10:18", "id": "SUSE-SU-2017:0517-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00033.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2023-01-18T14:18:17", "description": "The openSUSE Leap 42.2 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2017-1000111: Fixed a race condition in net-packet code that could be exploited to cause out-of-bounds memory access (bsc#1052365).\n\n - CVE-2017-1000112: Fixed a race condition in net-packet code that could have been exploited by unprivileged users to gain root access. (bsc#1052311).\n\n - CVE-2017-8831: The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability (bnc#1037994).\n\nThe following non-security bugs were fixed :\n\n - IB/hfi1: Wait for QSFP modules to initialize (bsc#1019151).\n\n - bcache: force trigger gc (bsc#1038078).\n\n - bcache: only recovery I/O error for writethrough mode (bsc#1043652).\n\n - block: do not allow updates through sysfs until registration completes (bsc#1047027).\n\n - ibmvnic: Check for transport event on driver resume (bsc#1051556, bsc#1052709).\n\n - ibmvnic: Initialize SCRQ's during login renegotiation (bsc#1052223).\n\n - ibmvnic: Report rx buffer return codes as netdev_dbg (bsc#1052794).\n\n - iommu/amd: Fix schedule-while-atomic BUG in initialization code (bsc1052533).\n\n - libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify (bsc#1023175).\n\n - libnvdimm: fix badblock range handling of ARS range (bsc#1023175).\n\n - qeth: fix L3 next-hop im xmit qeth hdr (bnc#1052773, LTC#157374).\n\n - scsi_devinfo: fixup string compare (bsc#1037404).\n\n - scsi_dh_alua: suppress errors from unsupported devices (bsc#1038792).\n\n - vfs: fix missing inode_get_dev sites (bsc#1052049).\n\n - x86/dmi: Switch dmi_remap() from ioremap() to ioremap_cache() (bsc#1051399).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-08-16T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2017-929)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000111", "CVE-2017-1000112", "CVE-2017-8831"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-docs-pdf", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "cpe:/o:novell:opensuse:42.2"], "id": "OPENSUSE-2017-929.NASL", "href": "https://www.tenable.com/plugins/nessus/102509", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-929.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(102509);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-1000111\", \"CVE-2017-1000112\", \"CVE-2017-8831\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2017-929)\");\n script_summary(english:\"Check for the openSUSE-2017-929 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE Leap 42.2 kernel was updated to receive various security\nand bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2017-1000111: Fixed a race condition in net-packet\n code that could be exploited to cause out-of-bounds\n memory access (bsc#1052365).\n\n - CVE-2017-1000112: Fixed a race condition in net-packet\n code that could have been exploited by unprivileged\n users to gain root access. (bsc#1052311).\n\n - CVE-2017-8831: The saa7164_bus_get function in\n drivers/media/pci/saa7164/saa7164-bus.c in the Linux\n kernel allowed local users to cause a denial of service\n (out-of-bounds array access) or possibly have\n unspecified other impact by changing a certain\n sequence-number value, aka a 'double fetch'\n vulnerability (bnc#1037994).\n\nThe following non-security bugs were fixed :\n\n - IB/hfi1: Wait for QSFP modules to initialize\n (bsc#1019151).\n\n - bcache: force trigger gc (bsc#1038078).\n\n - bcache: only recovery I/O error for writethrough mode\n (bsc#1043652).\n\n - block: do not allow updates through sysfs until\n registration completes (bsc#1047027).\n\n - ibmvnic: Check for transport event on driver resume\n (bsc#1051556, bsc#1052709).\n\n - ibmvnic: Initialize SCRQ's during login renegotiation\n (bsc#1052223).\n\n - ibmvnic: Report rx buffer return codes as netdev_dbg\n (bsc#1052794).\n\n - iommu/amd: Fix schedule-while-atomic BUG in\n initialization code (bsc1052533).\n\n - libnvdimm, pmem: fix a NULL pointer BUG in\n nd_pmem_notify (bsc#1023175).\n\n - libnvdimm: fix badblock range handling of ARS range\n (bsc#1023175).\n\n - qeth: fix L3 next-hop im xmit qeth hdr (bnc#1052773,\n LTC#157374).\n\n - scsi_devinfo: fixup string compare (bsc#1037404).\n\n - scsi_dh_alua: suppress errors from unsupported devices\n (bsc#1038792).\n\n - vfs: fix missing inode_get_dev sites (bsc#1052049).\n\n - x86/dmi: Switch dmi_remap() from ioremap() to\n ioremap_cache() (bsc#1051399).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1019151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1023175\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1037404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1037994\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1038078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1038792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1043652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1047027\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1051399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1051556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052049\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052223\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052365\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052773\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052794\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-base-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-base-debuginfo-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-debuginfo-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-debugsource-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-devel-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-devel-debuginfo-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-base-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-base-debuginfo-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-debuginfo-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-debugsource-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-devel-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-devel-4.4.79-18.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-docs-html-4.4.79-18.26.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-docs-pdf-4.4.79-18.26.3\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-macros-4.4.79-18.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-obs-build-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-obs-build-debugsource-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-obs-qa-4.4.79-18.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-source-4.4.79-18.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-source-vanilla-4.4.79-18.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-syms-4.4.79-18.26.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-base-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-base-debuginfo-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-debuginfo-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-debugsource-4.4.79-18.26.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-devel-4.4.79-18.26.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-docs-html / kernel-docs-pdf / kernel-devel / kernel-macros / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T14:18:34", "description": "The openSUSE Leap 42.3 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2017-1000111: Fixed a race condition in net-packet code that could be exploited to cause out-of-bounds memory access (bsc#1052365).\n\n - CVE-2017-1000112: Fixed a race condition in net-packet code that could have been exploited by unprivileged users to gain root access. (bsc#1052311).\n\n - CVE-2017-8831: The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability (bnc#1037994).\n\nThe following non-security bugs were fixed :\n\n - acpi/nfit: Add support of NVDIMM memory error notification in ACPI 6.2 (bsc#1052325).\n\n - acpi/nfit: Issue Start ARS to retrieve existing records (bsc#1052325).\n\n - bcache: force trigger gc (bsc#1038078).\n\n - bcache: only recovery I/O error for writethrough mode (bsc#1043652).\n\n - block: do not allow updates through sysfs until registration completes (bsc#1047027).\n\n - config: disable CONFIG_RT_GROUP_SCHED (bsc#1052204).\n\n - drivers: hv: : As a bandaid, increase HV_UTIL_TIMEOUT from 30 to 60 seconds (bnc#1039153)\n\n - drivers: hv: Fix a typo (fate#320485).\n\n - drivers: hv: util: Make hv_poll_channel() a little more efficient (fate#320485).\n\n - drivers: hv: vmbus: Close timing hole that can corrupt per-cpu page (fate#320485).\n\n - drivers: hv: vmbus: Fix error code returned by vmbus_post_msg() (fate#320485).\n\n - Fix kABI breakage with CONFIG_RT_GROUP_SCHED=n (bsc#1052204).\n\n - hv_netvsc: change netvsc device default duplex to FULL (fate#320485).\n\n - hv_netvsc: Fix the carrier state error when data path is off (fate#320485).\n\n - hv_netvsc: Remove unnecessary var link_state from struct netvsc_device_info (fate#320485).\n\n - hyperv: fix warning about missing prototype (fate#320485).\n\n - hyperv: netvsc: Neaten netvsc_send_pkt by using a temporary (fate#320485).\n\n - hyperv: remove unnecessary return variable (fate#320485).\n\n - i40e/i40evf: Fix use after free in Rx cleanup path (bsc#1051689).\n\n - IB/hfi1: Wait for QSFP modules to initialize (bsc#1019151).\n\n - ibmvnic: Check for transport event on driver resume (bsc#1051556, bsc#1052709).\n\n - ibmvnic: Initialize SCRQ's during login renegotiation (bsc#1052223).\n\n - ibmvnic: Report rx buffer return codes as netdev_dbg (bsc#1052794).\n\n - iommu/amd: Enable ga_log_intr when enabling guest_mode (bsc1052533).\n\n - iommu/amd: Fix schedule-while-atomic BUG in initialization code (bsc1052533).\n\n - KABI protect struct acpi_nfit_desc (bsc#1052325).\n\n - kabi/severities: add drivers/scsi/hisi_sas to kabi severities\n\n - libnvdimm: fix badblock range handling of ARS range (bsc#1023175).\n\n - libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify (bsc#1023175).\n\n - net: add netdev_lockdep_set_classes() helper (fate#320485).\n\n - net: hyperv: use new api ethtool_(get|set)_link_ksettings (fate#320485).\n\n - net/mlx4_core: Fixes missing capability bit in flags2 capability dump (bsc#1015337).\n\n - net/mlx4_core: Fix namespace misalignment in QinQ VST support commit (bsc#1015337).\n\n - net/mlx4_core: Fix sl_to_vl_change bit offset in flags2 dump (bsc#1015337).\n\n - netsvc: Remove upstream commit e14b4db7a567 netvsc: fix race during initialization will be replaced by following changes\n\n - netsvc: Revert 'netvsc: optimize calculation of number of slots' (fate#320485).\n\n - netvsc: add comments about callback's and NAPI (fate#320485).\n\n - netvsc: Add #include's for csum_* function declarations (fate#320485).\n\n - netvsc: add rtnl annotations in rndis (fate#320485).\n\n - netvsc: add some rtnl_dereference annotations (fate#320485).\n\n - netvsc: avoid race with callback (fate#320485).\n\n - netvsc: change logic for change mtu and set_queues (fate#320485).\n\n - netvsc: change max channel calculation (fate#320485).\n\n - netvsc: change order of steps in setting queues (fate#320485).\n\n - netvsc: Deal with rescinded channels correctly (fate#320485).\n\n - netvsc: do not access netdev->num_rx_queues directly (fate#320485).\n\n - netvsc: do not overload variable in same function (fate#320485).\n\n - netvsc: do not print pointer value in error message (fate#320485).\n\n - netvsc: eliminate unnecessary skb == NULL checks (fate#320485).\n\n - netvsc: enable GRO (fate#320485).\n\n - netvsc: Fix a bug in sub-channel handling (fate#320485).\n\n - netvsc: fix and cleanup rndis_filter_set_packet_filter (fate#320485).\n\n - netvsc: fix calculation of available send sections (fate#320485).\n\n - netvsc: fix dereference before null check errors (fate#320485).\n\n - netvsc: fix error unwind on device setup failure (fate#320485).\n\n - netvsc: fix hang on netvsc module removal (fate#320485).\n\n - netvsc: fix NAPI performance regression (fate#320485).\n\n - netvsc: fix net poll mode (fate#320485).\n\n - netvsc: fix netvsc_set_channels (fate#320485).\n\n - netvsc: fix ptr_ret.cocci warnings (fate#320485).\n\n - netvsc: fix rcu dereference warning from ethtool (fate#320485).\n\n - netvsc: fix RCU warning in get_stats (fate#320485).\n\n - netvsc: fix return value for set_channels (fate#320485).\n\n - netvsc: fix rtnl deadlock on unregister of vf (fate#320485, bsc#1052442).\n\n - netvsc: fix use after free on module removal (fate#320485).\n\n - netvsc: fix warnings reported by lockdep (fate#320485).\n\n - netvsc: fold in get_outbound_net_device (fate#320485).\n\n - netvsc: force link update after MTU change (fate#320485).\n\n - netvsc: handle offline mtu and channel change (fate#320485).\n\n - netvsc: implement NAPI (fate#320485).\n\n - netvsc: include rtnetlink.h (fate#320485).\n\n - netvsc: Initialize all channel related state prior to opening the channel (fate#320485).\n\n - netvsc: make sure and unregister datapath (fate#320485, bsc#1052899).\n\n - netvsc: make sure napi enabled before vmbus_open (fate#320485).\n\n - netvsc: mark error cases as unlikely (fate#320485).\n\n - netvsc: move filter setting to rndis_device (fate#320485).\n\n - netvsc: need napi scheduled during removal (fate#320485).\n\n - netvsc: need rcu_derefence when accessing internal device info (fate#320485).\n\n - netvsc: optimize calculation of number of slots (fate#320485).\n\n - netvsc: optimize receive completions (fate#320485).\n\n - netvsc: pass net_device to netvsc_init_buf and netvsc_connect_vsp (fate#320485).\n\n - netvsc: prefetch the first incoming ring element (fate#320485).\n\n - netvsc: Properly initialize the return value (fate#320485).\n\n - netvsc: remove bogus rtnl_unlock (fate#320485).\n\n - netvsc: remove no longer used max_num_rss queues (fate#320485).\n\n - netvsc: Remove redundant use of ipv6_hdr() (fate#320485).\n\n - netvsc: remove unnecessary indirection of page_buffer (fate#320485).\n\n - netvsc: remove unnecessary lock on shutdown (fate#320485).\n\n - netvsc: remove unused #define (fate#320485).\n\n - netvsc: replace netdev_alloc_skb_ip_align with napi_alloc_skb (fate#320485).\n\n - netvsc: save pointer to parent netvsc_device in channel table (fate#320485).\n\n - netvsc: signal host if receive ring is emptied (fate#320485).\n\n - netvsc: transparent VF management (fate#320485, bsc#1051979).\n\n - netvsc: use ERR_PTR to avoid dereference issues (fate#320485).\n\n - netvsc: use hv_get_bytes_to_read (fate#320485).\n\n - netvsc: use napi_consume_skb (fate#320485).\n\n - netvsc: use RCU to protect inner device structure (fate#320485).\n\n - netvsc: uses RCU instead of removal flag (fate#320485).\n\n - netvsc: use typed pointer for internal state (fate#320485).\n\n - nvme: fabrics commands should use the fctype field for data direction (bsc#1043805).\n\n - powerpc/perf: Fix SDAR_MODE value for continous sampling on Power9 (bsc#1053043 (git-fixes)).\n\n - powerpc/tm: Fix saving of TM SPRs in core dump (fate#318470, git-fixes 08e1c01d6aed).\n\n - qeth: fix L3 next-hop im xmit qeth hdr (bnc#1052773, LTC#157374).\n\n - rdma/bnxt_re: checking for NULL instead of IS_ERR() (bsc#1052925).\n\n - scsi: aacraid: fix PCI error recovery path (bsc#1048912).\n\n - scsi_devinfo: fixup string compare (bsc#1037404).\n\n - scsi_dh_alua: suppress errors from unsupported devices (bsc#1038792).\n\n - scsi: hisi_sas: add pci_dev in hisi_hba struct (bsc#1049298).\n\n - scsi: hisi_sas: add v2 hw internal abort timeout workaround (bsc#1049298).\n\n - scsi: hisi_sas: controller reset for multi-bits ECC and AXI fatal errors (bsc#1049298).\n\n - scsi: hisi_sas: fix NULL deference when TMF timeouts (bsc#1049298).\n\n - scsi: hisi_sas: fix timeout check in hisi_sas_internal_task_abort() (bsc#1049298).\n\n - scsi: hisi_sas: optimise DMA slot memory (bsc#1049298).\n\n - scsi: hisi_sas: optimise the usage of hisi_hba.lock (bsc#1049298).\n\n - scsi: hisi_sas: relocate get_ata_protocol() (bsc#1049298).\n\n - scsi: hisi_sas: workaround a SoC SATA IO processing bug (bsc#1049298).\n\n - scsi: hisi_sas: workaround SoC about abort timeout bug (bsc#1049298).\n\n - scsi: hisi_sas: workaround STP link SoC bug (bsc#1049298).\n\n - scsi: lpfc: do not double count abort errors (bsc#1048912).\n\n - scsi: lpfc: fix linking against modular NVMe support (bsc#1048912).\n\n - scsi: qedi: Fix return code in qedi_ep_connect() (bsc#1048912).\n\n - scsi: storvsc: Prefer kcalloc over kzalloc with multiply (fate#320485).\n\n - scsi: storvsc: remove return at end of void function (fate#320485).\n\n - tools: hv: Add clean up for included files in Ubuntu net config (fate#320485).\n\n - tools: hv: Add clean up function for Ubuntu config (fate#320485).\n\n - tools: hv: properly handle long paths (fate#320485).\n\n - tools: hv: set allow-hotplug for VF on Ubuntu (fate#320485).\n\n - tools: hv: set hotplug for VF on Suse (fate#320485).\n\n - tools: hv: vss: Thaw the filesystem and continue if freeze call has timed out (fate#320485).\n\n - vfs: fix missing inode_get_dev sites (bsc#1052049).\n\n - vmbus: cleanup header file style (fate#320485).\n\n - vmbus: expose debug info for drivers (fate#320485).\n\n - vmbus: fix spelling errors (fate#320485).\n\n - vmbus: introduce in-place packet iterator (fate#320485).\n\n - vmbus: only reschedule tasklet if time limit exceeded (fate#320485).\n\n - vmbus: re-enable channel tasklet (fate#320485).\n\n - vmbus: remove unnecessary initialization (fate#320485).\n\n - vmbus: remove useless return's (fate#320485).\n\n - x86/dmi: Switch dmi_remap() from ioremap() to ioremap_cache() (bsc#1051399).\n\n - x86/hyperv: Check frequency MSRs presence according to the specification (fate#320485).\n\n - The package release number was increased to be higher than the Leap 42.2 package (boo#1053531).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-08-16T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2017-930)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000111", "CVE-2017-1000112", "CVE-2017-8831"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-docs-pdf", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2017-930.NASL", "href": "https://www.tenable.com/plugins/nessus/102510", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-930.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(102510);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-1000111\", \"CVE-2017-1000112\", \"CVE-2017-8831\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2017-930)\");\n script_summary(english:\"Check for the openSUSE-2017-930 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE Leap 42.3 kernel was updated to receive various security\nand bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2017-1000111: Fixed a race condition in net-packet\n code that could be exploited to cause out-of-bounds\n memory access (bsc#1052365).\n\n - CVE-2017-1000112: Fixed a race condition in net-packet\n code that could have been exploited by unprivileged\n users to gain root access. (bsc#1052311).\n\n - CVE-2017-8831: The saa7164_bus_get function in\n drivers/media/pci/saa7164/saa7164-bus.c in the Linux\n kernel allowed local users to cause a denial of service\n (out-of-bounds array access) or possibly have\n unspecified other impact by changing a certain\n sequence-number value, aka a 'double fetch'\n vulnerability (bnc#1037994).\n\nThe following non-security bugs were fixed :\n\n - acpi/nfit: Add support of NVDIMM memory error\n notification in ACPI 6.2 (bsc#1052325).\n\n - acpi/nfit: Issue Start ARS to retrieve existing records\n (bsc#1052325).\n\n - bcache: force trigger gc (bsc#1038078).\n\n - bcache: only recovery I/O error for writethrough mode\n (bsc#1043652).\n\n - block: do not allow updates through sysfs until\n registration completes (bsc#1047027).\n\n - config: disable CONFIG_RT_GROUP_SCHED (bsc#1052204).\n\n - drivers: hv: : As a bandaid, increase HV_UTIL_TIMEOUT\n from 30 to 60 seconds (bnc#1039153)\n\n - drivers: hv: Fix a typo (fate#320485).\n\n - drivers: hv: util: Make hv_poll_channel() a little more\n efficient (fate#320485).\n\n - drivers: hv: vmbus: Close timing hole that can corrupt\n per-cpu page (fate#320485).\n\n - drivers: hv: vmbus: Fix error code returned by\n vmbus_post_msg() (fate#320485).\n\n - Fix kABI breakage with CONFIG_RT_GROUP_SCHED=n\n (bsc#1052204).\n\n - hv_netvsc: change netvsc device default duplex to FULL\n (fate#320485).\n\n - hv_netvsc: Fix the carrier state error when data path is\n off (fate#320485).\n\n - hv_netvsc: Remove unnecessary var link_state from struct\n netvsc_device_info (fate#320485).\n\n - hyperv: fix warning about missing prototype\n (fate#320485).\n\n - hyperv: netvsc: Neaten netvsc_send_pkt by using a\n temporary (fate#320485).\n\n - hyperv: remove unnecessary return variable\n (fate#320485).\n\n - i40e/i40evf: Fix use after free in Rx cleanup path\n (bsc#1051689).\n\n - IB/hfi1: Wait for QSFP modules to initialize\n (bsc#1019151).\n\n - ibmvnic: Check for transport event on driver resume\n (bsc#1051556, bsc#1052709).\n\n - ibmvnic: Initialize SCRQ's during login renegotiation\n (bsc#1052223).\n\n - ibmvnic: Report rx buffer return codes as netdev_dbg\n (bsc#1052794).\n\n - iommu/amd: Enable ga_log_intr when enabling guest_mode\n (bsc1052533).\n\n - iommu/amd: Fix schedule-while-atomic BUG in\n initialization code (bsc1052533).\n\n - KABI protect struct acpi_nfit_desc (bsc#1052325).\n\n - kabi/severities: add drivers/scsi/hisi_sas to kabi\n severities\n\n - libnvdimm: fix badblock range handling of ARS range\n (bsc#1023175).\n\n - libnvdimm, pmem: fix a NULL pointer BUG in\n nd_pmem_notify (bsc#1023175).\n\n - net: add netdev_lockdep_set_classes() helper\n (fate#320485).\n\n - net: hyperv: use new api\n ethtool_(get|set)_link_ksettings (fate#320485).\n\n - net/mlx4_core: Fixes missing capability bit in flags2\n capability dump (bsc#1015337).\n\n - net/mlx4_core: Fix namespace misalignment in QinQ VST\n support commit (bsc#1015337).\n\n - net/mlx4_core: Fix sl_to_vl_change bit offset in flags2\n dump (bsc#1015337).\n\n - netsvc: Remove upstream commit e14b4db7a567 netvsc: fix\n race during initialization will be replaced by following\n changes\n\n - netsvc: Revert 'netvsc: optimize calculation of number\n of slots' (fate#320485).\n\n - netvsc: add comments about callback's and NAPI\n (fate#320485).\n\n - netvsc: Add #include's for csum_* function declarations\n (fate#320485).\n\n - netvsc: add rtnl annotations in rndis (fate#320485).\n\n - netvsc: add some rtnl_dereference annotations\n (fate#320485).\n\n - netvsc: avoid race with callback (fate#320485).\n\n - netvsc: change logic for change mtu and set_queues\n (fate#320485).\n\n - netvsc: change max channel calculation (fate#320485).\n\n - netvsc: change order of steps in setting queues\n (fate#320485).\n\n - netvsc: Deal with rescinded channels correctly\n (fate#320485).\n\n - netvsc: do not access netdev->num_rx_queues directly\n (fate#320485).\n\n - netvsc: do not overload variable in same function\n (fate#320485).\n\n - netvsc: do not print pointer value in error message\n (fate#320485).\n\n - netvsc: eliminate unnecessary skb == NULL checks\n (fate#320485).\n\n - netvsc: enable GRO (fate#320485).\n\n - netvsc: Fix a bug in sub-channel handling (fate#320485).\n\n - netvsc: fix and cleanup rndis_filter_set_packet_filter\n (fate#320485).\n\n - netvsc: fix calculation of available send sections\n (fate#320485).\n\n - netvsc: fix dereference before null check errors\n (fate#320485).\n\n - netvsc: fix error unwind on device setup failure\n (fate#320485).\n\n - netvsc: fix hang on netvsc module removal (fate#320485).\n\n - netvsc: fix NAPI performance regression (fate#320485).\n\n - netvsc: fix net poll mode (fate#320485).\n\n - netvsc: fix netvsc_set_channels (fate#320485).\n\n - netvsc: fix ptr_ret.cocci warnings (fate#320485).\n\n - netvsc: fix rcu dereference warning from ethtool\n (fate#320485).\n\n - netvsc: fix RCU warning in get_stats (fate#320485).\n\n - netvsc: fix return value for set_channels (fate#320485).\n\n - netvsc: fix rtnl deadlock on unregister of vf\n (fate#320485, bsc#1052442).\n\n - netvsc: fix use after free on module removal\n (fate#320485).\n\n - netvsc: fix warnings reported by lockdep (fate#320485).\n\n - netvsc: fold in get_outbound_net_device (fate#320485).\n\n - netvsc: force link update after MTU change\n (fate#320485).\n\n - netvsc: handle offline mtu and channel change\n (fate#320485).\n\n - netvsc: implement NAPI (fate#320485).\n\n - netvsc: include rtnetlink.h (fate#320485).\n\n - netvsc: Initialize all channel related state prior to\n opening the channel (fate#320485).\n\n - netvsc: make sure and unregister datapath (fate#320485,\n bsc#1052899).\n\n - netvsc: make sure napi enabled before vmbus_open\n (fate#320485).\n\n - netvsc: mark error cases as unlikely (fate#320485).\n\n - netvsc: move filter setting to rndis_device\n (fate#320485).\n\n - netvsc: need napi scheduled during removal\n (fate#320485).\n\n - netvsc: need rcu_derefence when accessing internal\n device info (fate#320485).\n\n - netvsc: optimize calculation of number of slots\n (fate#320485).\n\n - netvsc: optimize receive completions (fate#320485).\n\n - netvsc: pass net_device to netvsc_init_buf and\n netvsc_connect_vsp (fate#320485).\n\n - netvsc: prefetch the first incoming ring element\n (fate#320485).\n\n - netvsc: Properly initialize the return value\n (fate#320485).\n\n - netvsc: remove bogus rtnl_unlock (fate#320485).\n\n - netvsc: remove no longer used max_num_rss queues\n (fate#320485).\n\n - netvsc: Remove redundant use of ipv6_hdr()\n (fate#320485).\n\n - netvsc: remove unnecessary indirection of page_buffer\n (fate#320485).\n\n - netvsc: remove unnecessary lock on shutdown\n (fate#320485).\n\n - netvsc: remove unused #define (fate#320485).\n\n - netvsc: replace netdev_alloc_skb_ip_align with\n napi_alloc_skb (fate#320485).\n\n - netvsc: save pointer to parent netvsc_device in channel\n table (fate#320485).\n\n - netvsc: signal host if receive ring is emptied\n (fate#320485).\n\n - netvsc: transparent VF management (fate#320485,\n bsc#1051979).\n\n - netvsc: use ERR_PTR to avoid dereference issues\n (fate#320485).\n\n - netvsc: use hv_get_bytes_to_read (fate#320485).\n\n - netvsc: use napi_consume_skb (fate#320485).\n\n - netvsc: use RCU to protect inner device structure\n (fate#320485).\n\n - netvsc: uses RCU instead of removal flag (fate#320485).\n\n - netvsc: use typed pointer for internal state\n (fate#320485).\n\n - nvme: fabrics commands should use the fctype field for\n data direction (bsc#1043805).\n\n - powerpc/perf: Fix SDAR_MODE value for continous sampling\n on Power9 (bsc#1053043 (git-fixes)).\n\n - powerpc/tm: Fix saving of TM SPRs in core dump\n (fate#318470, git-fixes 08e1c01d6aed).\n\n - qeth: fix L3 next-hop im xmit qeth hdr (bnc#1052773,\n LTC#157374).\n\n - rdma/bnxt_re: checking for NULL instead of IS_ERR()\n (bsc#1052925).\n\n - scsi: aacraid: fix PCI error recovery path\n (bsc#1048912).\n\n - scsi_devinfo: fixup string compare (bsc#1037404).\n\n - scsi_dh_alua: suppress errors from unsupported devices\n (bsc#1038792).\n\n - scsi: hisi_sas: add pci_dev in hisi_hba struct\n (bsc#1049298).\n\n - scsi: hisi_sas: add v2 hw internal abort timeout\n workaround (bsc#1049298).\n\n - scsi: hisi_sas: controller reset for multi-bits ECC and\n AXI fatal errors (bsc#1049298).\n\n - scsi: hisi_sas: fix NULL deference when TMF timeouts\n (bsc#1049298).\n\n - scsi: hisi_sas: fix timeout check in\n hisi_sas_internal_task_abort() (bsc#1049298).\n\n - scsi: hisi_sas: optimise DMA slot memory (bsc#1049298).\n\n - scsi: hisi_sas: optimise the usage of hisi_hba.lock\n (bsc#1049298).\n\n - scsi: hisi_sas: relocate get_ata_protocol()\n (bsc#1049298).\n\n - scsi: hisi_sas: workaround a SoC SATA IO processing bug\n (bsc#1049298).\n\n - scsi: hisi_sas: workaround SoC about abort timeout bug\n (bsc#1049298).\n\n - scsi: hisi_sas: workaround STP link SoC bug\n (bsc#1049298).\n\n - scsi: lpfc: do not double count abort errors\n (bsc#1048912).\n\n - scsi: lpfc: fix linking against modular NVMe support\n (bsc#1048912).\n\n - scsi: qedi: Fix return code in qedi_ep_connect()\n (bsc#1048912).\n\n - scsi: storvsc: Prefer kcalloc over kzalloc with multiply\n (fate#320485).\n\n - scsi: storvsc: remove return at end of void function\n (fate#320485).\n\n - tools: hv: Add clean up for included files in Ubuntu net\n config (fate#320485).\n\n - tools: hv: Add clean up function for Ubuntu config\n (fate#320485).\n\n - tools: hv: properly handle long paths (fate#320485).\n\n - tools: hv: set allow-hotplug for VF on Ubuntu\n (fate#320485).\n\n - tools: hv: set hotplug for VF on Suse (fate#320485).\n\n - tools: hv: vss: Thaw the filesystem and continue if\n freeze call has timed out (fate#320485).\n\n - vfs: fix missing inode_get_dev sites (bsc#1052049).\n\n - vmbus: cleanup header file style (fate#320485).\n\n - vmbus: expose debug info for drivers (fate#320485).\n\n - vmbus: fix spelling errors (fate#320485).\n\n - vmbus: introduce in-place packet iterator (fate#320485).\n\n - vmbus: only reschedule tasklet if time limit exceeded\n (fate#320485).\n\n - vmbus: re-enable channel tasklet (fate#320485).\n\n - vmbus: remove unnecessary initialization (fate#320485).\n\n - vmbus: remove useless return's (fate#320485).\n\n - x86/dmi: Switch dmi_remap() from ioremap() to\n ioremap_cache() (bsc#1051399).\n\n - x86/hyperv: Check frequency MSRs presence according to\n the specification (fate#320485).\n\n - The package release number was increased to be higher\n than the Leap 42.2 package (boo#1053531).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1015337\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1019151\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1023175\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1037404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1037994\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1038078\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1038792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1039153\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1043652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1043805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1047027\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1048912\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1049298\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1051399\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1051556\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1051689\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1051979\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052049\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052204\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052223\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052311\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052325\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052365\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052442\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052533\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052773\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052794\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052899\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1052925\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1053043\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1053531\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/08/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-base-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-base-debuginfo-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-debuginfo-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-debugsource-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-devel-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-debug-devel-debuginfo-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-base-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-base-debuginfo-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-debuginfo-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-debugsource-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-default-devel-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-devel-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-docs-html-4.4.79-19.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-docs-pdf-4.4.79-19.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-macros-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-obs-build-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-obs-build-debugsource-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-obs-qa-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-source-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-source-vanilla-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-syms-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-base-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-base-debuginfo-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-debuginfo-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-debugsource-4.4.79-19.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"kernel-vanilla-devel-4.4.79-19.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-devel / kernel-macros / kernel-source / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T14:21:56", "description": "The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3200 advisory.\n\n - Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar:\n lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW. (CVE-2017-1000111)\n\n - The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path. (CVE-2017-14106)\n\n - Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from UFO to non-UFO one, which leads to a memory corruption. In case UFO packet lengths exceeds MTU, copy = maxfraglen - skb->len becomes negative on the non-UFO path and the branch to allocate new skb is taken. This triggers fragmentation and computation of fraggap = skb_prev->len - maxfraglen. Fraggap can exceed MTU, causing copy = datalen - transhdrlen - fraggap to become negative. Subsequently skb_copy_and_csum_bits() writes out-of-bounds. A similar issue is present in IPv6 code. The bug was introduced in e89e9cf539a2 ([IPv4/IPv6]: UFO Scatter-gather approach) on Oct 18 2005. (CVE-2017-1000112)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-16T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : kernel (ELSA-2017-3200)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8655", "CVE-2017-1000111", "CVE-2017-1000112", "CVE-2017-14106"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2017-3200.NASL", "href": "https://www.tenable.com/plugins/nessus/104617", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2017-3200.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104617);\n script_version(\"3.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2017-14106\", \"CVE-2017-1000111\", \"CVE-2017-1000112\");\n script_xref(name:\"RHSA\", value:\"2017:3200\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2017-3200)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2017-3200 advisory.\n\n - Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed\n CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in\n packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar:\n lock the socket for the update. This issue may be exploitable, we did not investigate further. As this\n issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user\n namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW. (CVE-2017-1000111)\n\n - The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause\n a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect\n within a certain tcp_recvmsg code path. (CVE-2017-14106)\n\n - Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet\n with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send()\n calls, the append path can be switched from UFO to non-UFO one, which leads to a memory corruption. In\n case UFO packet lengths exceeds MTU, copy = maxfraglen - skb->len becomes negative on the non-UFO path and\n the branch to allocate new skb is taken. This triggers fragmentation and computation of fraggap =\n skb_prev->len - maxfraglen. Fraggap can exceed MTU, causing copy = datalen - transhdrlen - fraggap to\n become negative. Subsequently skb_copy_and_csum_bits() writes out-of-bounds. A similar issue is present in\n IPv6 code. The bug was introduced in e89e9cf539a2 ([IPv4/IPv6]: UFO Scatter-gather approach) on Oct 18\n 2005. (CVE-2017-1000112)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2017-3200.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-1000111\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/08/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['2.6.32-696.16.1.el6'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2017-3200');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '2.6';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-2.6.32-696.16.1.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-2.6.32'},\n {'reference':'kernel-2.6.32-696.16.1.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-2.6.32'},\n {'reference':'kernel-abi-whitelists-2.6.32-696.16.1.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-abi-whitelists-2.6.32'},\n {'reference':'kernel-debug-2.6.32-696.16.1.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-2.6.32'},\n {'reference':'kernel-debug-2.6.32-696.16.1.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-2.6.32'},\n {'reference':'kernel-debug-devel-2.6.32-696.16.1.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-2.6.32'},\n {'reference':'kernel-debug-devel-2.6.32-696.16.1.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-2.6.32'},\n {'reference':'kernel-devel-2.6.32-696.16.1.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-2.6.32'},\n {'reference':'kernel-devel-2.6.32-696.16.1.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-2.6.32'},\n {'reference':'kernel-firmware-2.6.32-696.16.1.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-firmware-2.6.32'},\n {'reference':'kernel-headers-2.6.32-696.16.1.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-2.6.32'},\n {'reference':'kernel-headers-2.6.32-696.16.1.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-2.6.32'},\n {'reference':'perf-2.6.32-696.16.1.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-2.6.32-696.16.1.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-2.6.32-696.16.1.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-2.6.32-696.16.1.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-debug / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T16:31:04", "description": "fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action.\n(CVE-2015-8374)", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.0, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-01-29T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K60742457)", "bulletinFamily": "scanner", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8374"], "modified": "2019-01-04T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL60742457.NASL", "href": "https://www.tenable.com/plugins/nessus/88463", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K60742457.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88463);\n script_version(\"2.12\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2015-8374\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K60742457)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles\ncompressed inline extents, which allows local users to obtain\nsensitive pre-truncation information from a file via a clone action.\n(CVE-2015-8374)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K60742457\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K60742457.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K60742457\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"10.1.0-10.2.4\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"10.1.0-10.2.4\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"10.1.0-10.2.4\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"10.1.0-10.2.4\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.0.0-11.6.0\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"10.1.0-10.2.4\");\n\n# PSM\nvmatrix[\"PSM\"] = make_array();\nvmatrix[\"PSM\"][\"affected\" ] = make_list(\"11.0.0-11.4.1\");\nvmatrix[\"PSM\"][\"unaffected\"] = make_list(\"10.1.0-10.2.4\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"11.0.0-11.3.0\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"10.1.0-10.2.4\");\n\n# WOM\nvmatrix[\"WOM\"] = make_array();\nvmatrix[\"WOM\"][\"affected\" ] = make_list(\"11.0.0-11.3.0\");\nvmatrix[\"WOM\"][\"unaffected\"] = make_list(\"10.1.0-10.2.4\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_note(port:0, extra:bigip_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:39:40", "description": "The 4.8-rc7 release contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-11-15T00:00:00", "type": "nessus", "title": "Fedora 25 : kernel (2016-f3d1f79398)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7425"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2016-F3D1F79398.NASL", "href": "https://www.tenable.com/plugins/nessus/94879", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-f3d1f79398.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94879);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-7425\");\n script_xref(name:\"FEDORA\", value:\"2016-f3d1f79398\");\n\n script_name(english:\"Fedora 25 : kernel (2016-f3d1f79398)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.8-rc7 release contains a number of important fixes across the\ntree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-f3d1f79398\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-7425\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2016-f3d1f79398\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"kernel-4.8.0-0.rc7.git0.1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:39:04", "description": "Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service (system crash) or possibly gain privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-12-01T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux vulnerability (USN-3144-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-7425"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-highbank", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-3144-1.NASL", "href": "https://www.tenable.com/plugins/nessus/95429", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3144-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95429);\n script_version(\"3.6\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-7425\");\n script_xref(name:\"USN\", value:\"3144-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux vulnerability (USN-3144-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Marco Grassi discovered that the driver for Areca RAID Controllers in\nthe Linux kernel did not properly validate control messages. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly gain privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3144-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-7425\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3144-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-116-generic\", pkgver:\"3.2.0-116.158\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-116-generic-pae\", pkgver:\"3.2.0-116.158\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-116-highbank\", pkgver:\"3.2.0-116.158\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-116-virtual\", pkgver:\"3.2.0-116.158\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-generic\", pkgver:\"3.2.0.116.132\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-generic-pae\", pkgver:\"3.2.0.116.132\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-highbank\", pkgver:\"3.2.0.116.132\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-virtual\", pkgver:\"3.2.0.116.132\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.2-generic / linux-image-3.2-generic-pae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:50:00", "description": "Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system. (CVE-2014-7822, Moderate)\n\nRed Hat would like to thank Akira Fujita of NEC for reporting this issue.\n\nThis update also fixes the following bugs :\n\n* Previously, hot-unplugging of a virtio-blk device could in some cases lead to a kernel panic, for example during in-flight I/O requests. This update fixes race condition in the hot-unplug code in the virtio_blk.ko module. As a result, hot unplugging of the virtio-blk device no longer causes the guest kernel oops when there are in-flight I/O requests. (BZ#1006536)\n\n* Before this update, due to a bug in the error-handling path, a corrupted metadata block could be used as a valid block. With this update, the error handling path has been fixed and more checks have been added to verify the metadata block. Now, when a corrupted metadata block is encountered, it is properly marked as corrupted and handled accordingly. (BZ#1034403)\n\n* Previously, an incorrectly initialized variable resulted in a random value being stored in the variable that holds the number of default ACLs, and is sent in the SET_PATH_INFO data structure. Consequently, the setfacl command could, under certain circumstances, fail with an 'Invalid argument' error. With this update, the variable is correctly initialized to zero, thus fixing the bug. (BZ#1105625)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2015-02-11T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2015:0164)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-7822"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-PAE", "p-cpe:/a:redhat:enterprise_linux:kernel-PAE-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2015-0164.NASL", "href": "https://www.tenable.com/plugins/nessus/81291", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0164. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81291);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/10/24 15:35:39\");\n\n script_cve_id(\"CVE-2014-7822\");\n script_bugtraq_id(72347);\n script_xref(name:\"RHSA\", value:\"2015:0164\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2015:0164)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's splice() system call\nvalidated its parameters. On certain file systems, a local,\nunprivileged user could use this flaw to write past the maximum file\nsize, and thus crash the system. (CVE-2014-7822, Moderate)\n\nRed Hat would like to thank Akira Fujita of NEC for reporting this\nissue.\n\nThis update also fixes the following bugs :\n\n* Previously, hot-unplugging of a virtio-blk device could in some\ncases lead to a kernel panic, for example during in-flight I/O\nrequests. This update fixes race condition in the hot-unplug code in\nthe virtio_blk.ko module. As a result, hot unplugging of the\nvirtio-blk device no longer causes the guest kernel oops when there\nare in-flight I/O requests. (BZ#1006536)\n\n* Before this update, due to a bug in the error-handling path, a\ncorrupted metadata block could be used as a valid block. With this\nupdate, the error handling path has been fixed and more checks have\nbeen added to verify the metadata block. Now, when a corrupted\nmetadata block is encountered, it is properly marked as corrupted and\nhandled accordingly. (BZ#1034403)\n\n* Previously, an incorrectly initialized variable resulted in a random\nvalue being stored in the variable that holds the number of default\nACLs, and is sent in the SET_PATH_INFO data structure. Consequently,\nthe setfacl command could, under certain circumstances, fail with an\n'Invalid argument' error. With this update, the variable is correctly\ninitialized to zero, thus fixing the bug. (BZ#1105625)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:0164\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-7822\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:0164\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-debuginfo-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debuginfo-common-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-402.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-402.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc\");\n }\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:49:55", "description": "- A flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system. (CVE-2014-7822, Moderate)\n\nThis update also fixes the following bugs :\n\n - Previously, hot-unplugging of a virtio-blk device could in some cases lead to a kernel panic, for example during in-flight I/O requests. This update fixes race condition in the hot-unplug code in the virtio_blk.ko module. As a result, hot unplugging of the virtio-blk device no longer causes the guest kernel oops when there are in-flight I/O requests.\n\n - Before this update, due to a bug in the error-handling path, a corrupted metadata block could be used as a valid block. With this update, the error handling path has been fixed and more checks have been added to verify the metadata block. Now, when a corrupted metadata block is encountered, it is properly marked as corrupted and handled accordingly.\n\n - Previously, an incorrectly initialized variable resulted in a random value being stored in the variable that holds the number of default ACLs, and is sent in the SET_PATH_INFO data structure. Consequently, the setfacl command could, under certain circumstances, fail with an 'Invalid argument' error. With this update, the variable is correctly initialized to zero, thus fixing the bug.\n\nThe system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2015-02-12T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20150210)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-7822"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:kernel", "p-cpe:/a:fermilab:scientific_linux:kernel-PAE", "p-cpe:/a:fermilab:scientific_linux:kernel-PAE-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-PAE-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-debug", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common", "p-cpe:/a:fermilab:scientific_linux:kernel-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-doc", "p-cpe:/a:fermilab:scientific_linux:kernel-headers", "p-cpe:/a:fermilab:scientific_linux:kernel-xen", "p-cpe:/a:fermilab:scientific_linux:kernel-xen-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-xen-devel", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20150210_KERNEL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/81308", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81308);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-7822\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20150210)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - A flaw was found in the way the Linux kernel's splice()\n system call validated its parameters. On certain file\n systems, a local, unprivileged user could use this flaw\n to write past the maximum file size, and thus crash the\n system. (CVE-2014-7822, Moderate)\n\nThis update also fixes the following bugs :\n\n - Previously, hot-unplugging of a virtio-blk device could\n in some cases lead to a kernel panic, for example during\n in-flight I/O requests. This update fixes race condition\n in the hot-unplug code in the virtio_blk.ko module. As a\n result, hot unplugging of the virtio-blk device no\n longer causes the guest kernel oops when there are\n in-flight I/O requests.\n\n - Before this update, due to a bug in the error-handling\n path, a corrupted metadata block could be used as a\n valid block. With this update, the error handling path\n has been fixed and more checks have been added to verify\n the metadata block. Now, when a corrupted metadata block\n is encountered, it is properly marked as corrupted and\n handled accordingly.\n\n - Previously, an incorrectly initialized variable resulted\n in a random value being stored in the variable that\n holds the number of default ACLs, and is sent in the\n SET_PATH_INFO data structure. Consequently, the setfacl\n command could, under certain circumstances, fail with an\n 'Invalid argument' error. With this update, the variable\n is correctly initialized to zero, thus fixing the bug.\n\nThe system must be rebooted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1502&L=scientific-linux-errata&T=0&P=901\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?173e2366\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-PAE-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"kernel-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-debuginfo-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-debuginfo-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-devel-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debuginfo-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debuginfo-common-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-devel-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-doc-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-headers-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-debuginfo-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-devel-2.6.18-402.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:50:05", "description": "Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system. (CVE-2014-7822, Moderate)\n\nRed Hat would like to thank Akira Fujita of NEC for reporting this issue.\n\nThis update also fixes the following bugs :\n\n* Previously, hot-unplugging of a virtio-blk device could in some cases lead to a kernel panic, for example during in-flight I/O requests. This update fixes race condition in the hot-unplug code in the virtio_blk.ko module. As a result, hot unplugging of the virtio-blk device no longer causes the guest kernel oops when there are in-flight I/O requests. (BZ#1006536)\n\n* Before this update, due to a bug in the error-handling path, a corrupted metadata block could be used as a valid block. With this update, the error handling path has been fixed and more checks have been added to verify the metadata block. Now, when a corrupted metadata block is encountered, it is properly marked as corrupted and handled accordingly. (BZ#1034403)\n\n* Previously, an incorrectly initialized variable resulted in a random value being stored in the variable that holds the number of default ACLs, and is sent in the SET_PATH_INFO data structure. Consequently, the setfacl command could, under certain circumstances, fail with an 'Invalid argument' error. With this update, the variable is correctly initialized to zero, thus fixing the bug. (BZ#1105625)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2015-02-11T00:00:00", "type": "nessus", "title": "CentOS 5 : kernel (CESA-2015:0164)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-7822"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-PAE", "p-cpe:/a:centos:centos:kernel-PAE-devel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-xen", "p-cpe:/a:centos:centos:kernel-xen-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2015-0164.NASL", "href": "https://www.tenable.com/plugins/nessus/81276", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:0164 and \n# CentOS Errata and Security Advisory 2015:0164 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81276);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-7822\");\n script_bugtraq_id(72347);\n script_xref(name:\"RHSA\", value:\"2015:0164\");\n\n script_name(english:\"CentOS 5 : kernel (CESA-2015:0164)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's splice() system call\nvalidated its parameters. On certain file systems, a local,\nunprivileged user could use this flaw to write past the maximum file\nsize, and thus crash the system. (CVE-2014-7822, Moderate)\n\nRed Hat would like to thank Akira Fujita of NEC for reporting this\nissue.\n\nThis update also fixes the following bugs :\n\n* Previously, hot-unplugging of a virtio-blk device could in some\ncases lead to a kernel panic, for example during in-flight I/O\nrequests. This update fixes race condition in the hot-unplug code in\nthe virtio_blk.ko module. As a result, hot unplugging of the\nvirtio-blk device no longer causes the guest kernel oops when there\nare in-flight I/O requests. (BZ#1006536)\n\n* Before this update, due to a bug in the error-handling path, a\ncorrupted metadata block could be used as a valid block. With this\nupdate, the error handling path has been fixed and more checks have\nbeen added to verify the metadata block. Now, when a corrupted\nmetadata block is encountered, it is properly marked as corrupted and\nhandled accordingly. (BZ#1034403)\n\n* Previously, an incorrectly initialized variable resulted in a random\nvalue being stored in the variable that holds the number of default\nACLs, and is sent in the SET_PATH_INFO data structure. Consequently,\nthe setfacl command could, under certain circumstances, fail with an\n'Invalid argument' error. With this update, the variable is correctly\ninitialized to zero, thus fixing the bug. (BZ#1105625)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-February/020932.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b0a40eb7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-7822\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-devel-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-devel-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-doc-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-headers-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-2.6.18-402.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-devel-2.6.18-402.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:49:09", "description": "From Red Hat Security Advisory 2015:0164 :\n\nUpdated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system. (CVE-2014-7822, Moderate)\n\nRed Hat would like to thank Akira Fujita of NEC for reporting this issue.\n\nThis update also fixes the following bugs :\n\n* Previously, hot-unplugging of a virtio-blk device could in some cases lead to a kernel panic, for example during in-flight I/O requests. This update fixes race condition in the hot-unplug code in the virtio_blk.ko module. As a result, hot unplugging of the virtio-blk device no longer causes the guest kernel oops when there are in-flight I/O requests. (BZ#1006536)\n\n* Before this update, due to a bug in the error-handling path, a corrupted metadata block could be used as a valid block. With this update, the error handling path has been fixed and more checks have been added to verify the metadata block. Now, when a corrupted metadata block is encountered, it is properly marked as corrupted and handled accordingly. (BZ#1034403)\n\n* Previously, an incorrectly initialized variable resulted in a random value being stored in the variable that holds the number of default ACLs, and is sent in the SET_PATH_INFO data structure. Consequently, the setfacl command could, under certain circumstances, fail with an 'Invalid argument' error. With this update, the variable is correctly initialized to zero, thus fixing the bug. (BZ#1105625)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {}, "published": "2015-02-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2015-0164)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-7822"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-PAE", "p-cpe:/a:oracle:linux:kernel-PAE-devel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2015-0164.NASL", "href": "https://www.tenable.com/plugins/nessus/81307", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:0164 and \n# Oracle Linux Security Advisory ELSA-2015-0164 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81307);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2014-7822\");\n script_bugtraq_id(71685, 72347);\n script_xref(name:\"RHSA\", value:\"2015:0164\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2015-0164)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:0164 :\n\nUpdated kernel packages that fix one security issue and several bugs\nare now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's splice() system call\nvalidated its parameters. On certain file systems, a local,\nunprivileged user could use this flaw to write past the maximum file\nsize, and thus crash the system. (CVE-2014-7822, Moderate)\n\nRed Hat would like to thank Akira Fujita of NEC for reporting this\nissue.\n\nThis update also fixes the following bugs :\n\n* Previously, hot-unplugging of a virtio-blk device could in some\ncases lead to a kernel panic, for example during in-flight I/O\nrequests. This update fixes race condition in the hot-unplug code in\nthe virtio_blk.ko module. As a result, hot unplugging of the\nvirtio-blk device no longer causes the guest kernel oops when there\nare in-flight I/O requests. (BZ#1006536)\n\n* Before this update, due to a bug in the error-handling path, a\ncorrupted metadata block could be used as a valid block. With this\nupdate, the error handling path has been fixed and more checks have\nbeen added to verify the metadata block. Now, when a corrupted\nmetadata block is encountered, it is properly marked as corrupted and\nhandled accordingly. (BZ#1034403)\n\n* Previously, an incorrectly initialized variable resulted in a random\nvalue being stored in the variable that holds the number of default\nACLs, and is sent in the SET_PATH_INFO data structure. Consequently,\nthe setfacl command could, under certain circumstances, fail with an\n'Invalid argument' error. With this update, the variable is correctly\ninitialized to zero, thus fixing the bug. (BZ#1105625)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-February/004841.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2014-7822\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2015-0164\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-402.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-402.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-402.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-402.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-402.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-402.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-402.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-402.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-402.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-402.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:01:34", "description": "The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted splice system call, as demonstrated by use of a file descriptor associated with an ext4 filesystem.", "cvss3": {}, "published": "2015-09-09T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (SOL17237)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-7822"], "modified": "2019-01-04T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL17237.NASL", "href": "https://www.tenable.com/plugins/nessus/85854", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL17237.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85854);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2014-7822\");\n script_bugtraq_id(72347);\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (SOL17237)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The implementation of certain splice_write file operations in the\nLinux kernel before 3.16 does not enforce a restriction on the maximum\nsize of a single file, which allows local users to cause a denial of\nservice (system crash) or possibly have unspecified other impact via a\ncrafted splice system call, as demonstrated by use of a file\ndescriptor associated with an ext4 filesystem.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K17237\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL17237.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL17237\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"11.3.0-11.6.0\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"11.4.0-11.6.0\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"11.3.0-11.6.0\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:31:04", "description": "According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :\n\n - The NFSv4 server in the Linux kernel compiled with CONFIG_NFSD_PNFS enabled does not properly validate layout type when processing NFSv4 pNFS LAYOUTGET and GETDEVICEINFO operands. The attack payload fits to single one-way UDP packet. The provided input value is used for array dereferencing. This may lead to a remote DoS of [knfsd] and so to a soft-lockup of a whole system.\n\n - A vulnerability was found in the implementation of setsockopt() operations in the Linux kernel. A privileged user inside a container could cause a DoS attack on the host (kernel deadlock in ip_ra_control() function) using a specially crafted sequence of system calls.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-07-06T00:00:00", "type": "nessus", "title": "Virtuozzo 7 : readykernel-patch (VZA-2017-062)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8797"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:readykernel", "cpe:/o:virtuozzo:virtuozzo:7"], "id": "VIRTUOZZO_VZA-2017-062.NASL", "href": "https://www.tenable.com/plugins/nessus/101233", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101233);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2017-8797\"\n );\n\n script_name(english:\"Virtuozzo 7 : readykernel-patch (VZA-2017-062)\");\n script_summary(english:\"Checks the readykernel output for the updated patch.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the vzkernel package and the\nreadykernel-patch installed, the Virtuozzo installation on the remote\nhost is affected by the following vulnerabilities :\n\n - The NFSv4 server in the Linux kernel compiled with\n CONFIG_NFSD_PNFS enabled does not properly validate\n layout type when processing NFSv4 pNFS LAYOUTGET and\n GETDEVICEINFO operands. The attack payload fits to\n single one-way UDP packet. The provided input value is\n used for array dereferencing. This may lead to a remote\n DoS of [knfsd] and so to a soft-lockup of a whole\n system.\n\n - A vulnerability was found in the implementation of\n setsockopt() operations in the Linux kernel. A\n privileged user inside a container could cause a DoS\n attack on the host (kernel deadlock in ip_ra_control()\n function) using a specially crafted sequence of system\n calls.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://help.virtuozzo.com/customer/portal/articles/2835401\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-15.2-25.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?858fd78c\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-18.7-25.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7ef02dd1\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-20.18-25.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f55bb5c8\");\n script_set_attribute(attribute:\"solution\", value:\"Update the readykernel patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:readykernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\", \"Host/readykernel-info\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"readykernel.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nrk_info = get_kb_item(\"Host/readykernel-info\");\nif (empty_or_null(rk_info)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\n\nchecks = make_list2(\n make_array(\n \"kernel\",\"vzkernel-3.10.0-327.18.2.vz7.15.2\",\n \"patch\",\"readykernel-patch-15.2-25.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-327.36.1.vz7.18.7\",\n \"patch\",\"readykernel-patch-18.7-25.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-327.36.1.vz7.20.18\",\n \"patch\",\"readykernel-patch-20.18-25.0-1.vl7\"\n )\n);\nreadykernel_execute_checks(checks:checks, severity:SECURITY_HOLE, release:\"Virtuozzo-7\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:24:21", "description": "The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.\n(CVE-2017-5970)\n\nImpact\n\nThis vulnerability may allow a remote user to cause a denial of service (DoS) for the BIG-IP control plane.\n\nNote : Only the BIG-IP control plane is vulnerable; the data plane is not affected by this vulnerability.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-04-19T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K60104355)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5970"], "modified": "2019-01-04T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL60104355.NASL", "href": "https://www.tenable.com/plugins/nessus/99444", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K60104355.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99444);\n script_version(\"3.7\");\n script_cvs_date(\"Date: 2019/01/04 10:03:41\");\n\n script_cve_id(\"CVE-2017-5970\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K60104355)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the\nLinux kernel through 4.9.9 allows attackers to cause a denial of\nservice (system crash) via (1) an application that makes crafted\nsystem calls or possibly (2) IPv4 traffic with invalid IP options.\n(CVE-2017-5970)\n\nImpact\n\nThis vulnerability may allow a remote user to cause a denial of\nservice (DoS) for the BIG-IP control plane.\n\nNote : Only the BIG-IP control plane is vulnerable; the data plane is\nnot affected by this vulnerability.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K60104355\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K60104355.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/04/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K60104355\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"14.0.0\",\"13.0.0-13.1.0\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"14.1.0\",\"14.0.0.3\",\"13.1.1\",\"13.1.0.8\",\"12.0.0-12.1.2\",\"11.4.0-11.6.1\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"14.0.0\",\"13.0.0-13.1.0\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"14.1.0\",\"14.0.0.3\",\"13.1.1\",\"13.1.0.8\",\"12.0.0-12.1.2\",\"11.4.0-11.6.1\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"14.0.0\",\"13.0.0-13.1.0\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"14.1.0\",\"14.0.0.3\",\"13.1.1\",\"13.1.0.8\",\"12.0.0-12.1.2\",\"11.4.0-11.6.1\",\"11.2.1\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"14.0.0\",\"13.0.0-13.1.0\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"14.1.0\",\"14.0.0.3\",\"13.1.1\",\"13.1.0.8\",\"12.0.0-12.1.2\",\"11.4.0-11.6.1\",\"11.2.1\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"14.0.0\",\"13.0.0-13.1.0\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"14.1.0\",\"14.0.0.3\",\"13.1.1\",\"13.1.0.8\",\"12.0.0-12.1.2\",\"11.4.0-11.6.1\",\"11.2.1\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"14.0.0\",\"13.0.0-13.1.0\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"14.1.0\",\"14.0.0.3\",\"13.1.1\",\"13.1.0.8\",\"12.0.0-12.1.2\",\"11.4.0-11.6.1\",\"11.2.1\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"14.0.0\",\"13.0.0-13.1.0\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"14.1.0\",\"14.0.0.3\",\"13.1.1\",\"13.1.0.8\",\"12.0.0-12.1.2\",\"11.4.0-11.6.1\",\"11.2.1\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"14.0.0\",\"13.0.0-13.1.0\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"14.1.0\",\"14.0.0.3\",\"13.1.1\",\"13.1.0.8\",\"12.0.0-12.1.2\",\"11.4.0-11.6.1\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:21:45", "description": "This update for the Linux Kernel 3.12.60-52_60 fixes one issue. The following security bug was fixed :\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-03-21T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:0772-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5970"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_60-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_60-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-0772-1.NASL", "href": "https://www.tenable.com/plugins/nessus/97850", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:0772-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97850);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-5970\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:0772-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.60-52_60 fixes one issue. The\nfollowing security bug was fixed :\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed\n attackers to cause a denial of service (system crash)\n via (1) an application that made crafted system calls or\n possibly (2) IPv4 traffic with invalid IP options\n (bsc#1025013).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5970/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20170772-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1600cd4a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12:zypper in -t patch\nSUSE-SLE-SAP-12-2017-423=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2017-423=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_60-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_60-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_60-52_60-default-3-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_60-52_60-xen-3-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:22:23", "description": "This update for the Linux Kernel 3.12.60-52_57 fixes one issue. The following security bug was fixed :\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-03-21T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:0770-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5970"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_57-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_57-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-0770-1.NASL", "href": "https://www.tenable.com/plugins/nessus/97848", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:0770-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97848);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-5970\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:0770-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.60-52_57 fixes one issue. The\nfollowing security bug was fixed :\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed\n attackers to cause a denial of service (system crash)\n via (1) an application that made crafted system calls or\n possibly (2) IPv4 traffic with invalid IP options\n (bsc#1025013).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5970/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20170770-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6ab851ef\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12:zypper in -t patch\nSUSE-SLE-SAP-12-2017-422=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2017-422=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_57-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_57-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_60-52_57-default-4-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_60-52_57-xen-4-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:22:23", "description": "This update for the Linux Kernel 3.12.55-52_42 fixes one issue. The following security bug was fixed :\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-03-21T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:0771-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5970"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_55-52_42-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_55-52_42-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-0771-1.NASL", "href": "https://www.tenable.com/plugins/nessus/97849", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:0771-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97849);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-5970\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:0771-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.55-52_42 fixes one issue. The\nfollowing security bug was fixed :\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed\n attackers to cause a denial of service (system crash)\n via (1) an application that made crafted system calls or\n possibly (2) IPv4 traffic with invalid IP options\n (bsc#1025013).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5970/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20170771-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2d3acc9b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12:zypper in -t patch\nSUSE-SLE-SAP-12-2017-418=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2017-418=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_55-52_42-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_55-52_42-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_55-52_42-default-7-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_55-52_42-xen-7-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:23:24", "description": "According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :\n\n - A vulnerability was found in the Linux kernel where having malicious IP options present would cause the ipv4_pktinfo_prepare() function to drop/free the dst.\n This could result in a system crash or possible privilege escalation.\n\n - A vulnerability was found in the implementation of SCTP protocol in the Linux kernel. If the sctp module was loaded on the host, a privileged user inside a container could cause a kernel crash by triggering use-after-free in the __sctp_connect() function with a specially crafted sequence of system calls.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-05-01T00:00:00", "type": "nessus", "title": "Virtuozzo 7 : readykernel-patch (VZA-2017-032)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5970"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:readykernel", "cpe:/o:virtuozzo:virtuozzo:7"], "id": "VIRTUOZZO_VZA-2017-032.NASL", "href": "https://www.tenable.com/plugins/nessus/99732", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99732);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2017-5970\"\n );\n\n script_name(english:\"Virtuozzo 7 : readykernel-patch (VZA-2017-032)\");\n script_summary(english:\"Checks the readykernel output for the updated patch.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the vzkernel package and the\nreadykernel-patch installed, the Virtuozzo installation on the remote\nhost is affected by the following vulnerabilities :\n\n - A vulnerability was found in the Linux kernel where\n having malicious IP options present would cause the\n ipv4_pktinfo_prepare() function to drop/free the dst.\n This could result in a system crash or possible\n privilege escalation.\n\n - A vulnerability was found in the implementation of SCTP\n protocol in the Linux kernel. If the sctp module was\n loaded on the host, a privileged user inside a\n container could cause a kernel crash by triggering\n use-after-free in the __sctp_connect() function with a\n specially crafted sequence of system calls.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://help.virtuozzo.com/customer/portal/articles/2796925\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-15.2-20.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f67e555b\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-18.7-20.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e35a0d51\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-20.18-20.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e718308f\");\n script_set_attribute(attribute:\"solution\", value:\"Update the readykernel patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:readykernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\", \"Host/readykernel-info\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"readykernel.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nrk_info = get_kb_item(\"Host/readykernel-info\");\nif (empty_or_null(rk_info)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\n\nchecks = make_list2(\n make_array(\n \"kernel\",\"vzkernel-3.10.0-327.18.2.vz7.15.2\",\n \"patch\",\"readykernel-patch-15.2-20.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-327.36.1.vz7.18.7\",\n \"patch\",\"readykernel-patch-18.7-20.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-327.36.1.vz7.20.18\",\n \"patch\",\"readykernel-patch-20.18-20.0-1.vl7\"\n )\n);\nreadykernel_execute_checks(checks:checks, severity:SECURITY_WARNING, release:\"Virtuozzo-7\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:20:59", "description": "This update for the Linux Kernel 3.12.61-52_66 fixes one issue. The following security bug was fixed :\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-03-21T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:0780-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5970"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_66-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_66-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-0780-1.NASL", "href": "https://www.tenable.com/plugins/nessus/97851", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:0780-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97851);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-5970\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:0780-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.61-52_66 fixes one issue. The\nfollowing security bug was fixed :\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed\n attackers to cause a denial of service (system crash)\n via (1) an application that made crafted system calls or\n possibly (2) IPv4 traffic with invalid IP options\n (bsc#1025013).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5970/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20170780-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2664210c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12:zypper in -t patch\nSUSE-SLE-SAP-12-2017-437=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2017-437=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_66-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_66-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_66-default-2-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_66-xen-2-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:21:18", "description": "This update for the Linux Kernel 3.12.60-52_49 fixes one issue. The following security bug was fixed :\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-03-21T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:0769-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5970"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_49-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_49-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-0769-1.NASL", "href": "https://www.tenable.com/plugins/nessus/97847", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:0769-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97847);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-5970\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:0769-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.60-52_49 fixes one issue. The\nfollowing security bug was fixed :\n\n - CVE-2017-5970: The ipv4_pktinfo_prepare function in\n net/ipv4/ip_sockglue.c in the Linux kernel allowed\n attackers to cause a denial of service (system crash)\n via (1) an application that made crafted system calls or\n possibly (2) IPv4 traffic with invalid IP options\n (bsc#1025013).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5970/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20170769-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a48b5e1f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12:zypper in -t patch\nSUSE-SLE-SAP-12-2017-420=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2017-420=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_49-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_49-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_60-52_49-default-7-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_60-52_49-xen-7-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:19:09", "description": "The SUSE Linux Enterprise 12 SP1 kernel was updated to fix the following two issues :\n\n - CVE-2017-5970: Remote attackers could have potentially caused a denial of service by sending bad IP options on a socket (bsc#1024938)\n\n - Fix a regression in MD RAID1 which could have caused wrong data to be read (bsc#1020048)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-02-21T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:0517-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5970"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debugsource", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-0517-1.NASL", "href": "https://www.tenable.com/plugins/nessus/97298", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:0517-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97298);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-5970\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:0517-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 SP1 kernel was updated to fix the\nfollowing two issues :\n\n - CVE-2017-5970: Remote attackers could have potentially\n caused a denial of service by sending bad IP options on\n a socket (bsc#1024938)\n\n - Fix a regression in MD RAID1 which could have caused\n wrong data to be read (bsc#1020048)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1020048\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1024938\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-5970/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20170517-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?12f25710\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP1:zypper in -t patch\nSUSE-SLE-WE-12-SP1-2017-267=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP1:zypper in -t\npatch SUSE-SLE-SDK-12-SP1-2017-267=1\n\nSUSE Linux Enterprise Server 12-SP1:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-267=1\n\nSUSE Linux Enterprise Module for Public Cloud 12:zypper in -t patch\nSUSE-SLE-Module-Public-Cloud-12-2017-267=1\n\nSUSE Linux Enterprise Live Patching 12:zypper in -t patch\nSUSE-SLE-Live-Patching-12-2017-267=1\n\nSUSE Linux Enterprise Desktop 12-SP1:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP1-2017-267=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/02/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-man-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-base-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-base-debuginfo-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-debuginfo-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-debugsource-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-devel-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-syms-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-devel-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-extra-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-extra-debuginfo-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-syms-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.69-60.64.32.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.69-60.64.32.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-09-25T13:34:08", "description": "Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-12-06T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux vulnerability (USN-3150-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-highbank", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-3150-1.NASL", "href": "https://www.tenable.com/plugins/nessus/95568", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3150-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95568);\n script_version(\"2.12\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-8655\");\n script_xref(name:\"USN\", value:\"3150-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux vulnerability (USN-3150-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Philip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker\ncould use this to cause a denial of service (system crash) or run\narbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3150-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'AF_PACKET chocobo_root Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-8655\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3150-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-118-generic\", pkgver:\"3.2.0-118.161\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-118-generic-pae\", pkgver:\"3.2.0-118.161\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-118-highbank\", pkgver:\"3.2.0-118.161\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-118-virtual\", pkgver:\"3.2.0-118.161\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-generic\", pkgver:\"3.2.0.118.133\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-generic-pae\", pkgver:\"3.2.0.118.133\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-highbank\", pkgver:\"3.2.0.118.133\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-virtual\", pkgver:\"3.2.0.118.133\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.2-generic / linux-image-3.2-generic-pae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-25T13:33:55", "description": "Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-12-06T00:00:00", "type": "nessus", "title": "Ubuntu 16.10 : linux vulnerability (USN-3152-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.8-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.8-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.8-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "cpe:/o:canonical:ubuntu_linux:16.10"], "id": "UBUNTU_USN-3152-1.NASL", "href": "https://www.tenable.com/plugins/nessus/95573", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3152-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95573);\n script_version(\"2.12\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-8655\");\n script_xref(name:\"USN\", value:\"3152-1\");\n\n script_name(english:\"Ubuntu 16.10 : linux vulnerability (USN-3152-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Philip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker\ncould use this to cause a denial of service (system crash) or run\narbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3152-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'AF_PACKET chocobo_root Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.8-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.8-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.8-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-8655\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3152-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.10\", pkgname:\"linux-image-4.8.0-30-generic\", pkgver:\"4.8.0-30.32\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"linux-image-4.8.0-30-generic-lpae\", pkgver:\"4.8.0-30.32\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"linux-image-4.8.0-30-lowlatency\", pkgver:\"4.8.0-30.32\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"linux-image-generic\", pkgver:\"4.8.0.30.39\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.8.0.30.39\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.8.0.30.39\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.8-generic / linux-image-4.8-generic-lpae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-25T13:35:22", "description": "USN-3151-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.\n\nPhilip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-12-06T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-xenial vulnerability (USN-3151-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-xenial", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-xenial", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-xenial", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3151-2.NASL", "href": "https://www.tenable.com/plugins/nessus/95570", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3151-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95570);\n script_version(\"2.12\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-8655\");\n script_xref(name:\"USN\", value:\"3151-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-xenial vulnerability (USN-3151-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-3151-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu\n14.04 LTS.\n\nPhilip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker\ncould use this to cause a denial of service (system crash) or run\narbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3151-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'AF_PACKET chocobo_root Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-xenial\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-8655\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3151-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-53-generic\", pkgver:\"4.4.0-53.74~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-53-generic-lpae\", pkgver:\"4.4.0-53.74~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.4.0-53-lowlatency\", pkgver:\"4.4.0-53.74~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic-lpae-lts-xenial\", pkgver:\"4.4.0.53.40\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic-lts-xenial\", pkgver:\"4.4.0.53.40\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-lowlatency-lts-xenial\", pkgver:\"4.4.0.53.40\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-generic / linux-image-4.4-generic-lpae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-25T13:34:32", "description": "Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-12-06T00:00:00", "type": "nessus", "title": "Ubuntu 16.10 : linux-raspi2 vulnerabilities (USN-3152-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.8-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "cpe:/o:canonical:ubuntu_linux:16.10"], "id": "UBUNTU_USN-3152-2.NASL", "href": "https://www.tenable.com/plugins/nessus/95574", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3152-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95574);\n script_version(\"2.12\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-8655\");\n script_xref(name:\"USN\", value:\"3152-2\");\n\n script_name(english:\"Ubuntu 16.10 : linux-raspi2 vulnerabilities (USN-3152-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Philip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker\ncould use this to cause a denial of service (system crash) or run\narbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3152-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-4.8-raspi2 and / or linux-image-raspi2\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'AF_PACKET chocobo_root Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.8-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-8655\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3152-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.10\", pkgname:\"linux-image-4.8.0-1020-raspi2\", pkgver:\"4.8.0-1020.23\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"linux-image-raspi2\", pkgver:\"4.8.0.1020.23\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.8-raspi2 / linux-image-raspi2\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-25T13:34:09", "description": "Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-12-06T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : linux-snapdragon vulnerability (USN-3151-3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3151-3.NASL", "href": "https://www.tenable.com/plugins/nessus/95571", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3151-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95571);\n script_version(\"2.12\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-8655\");\n script_xref(name:\"USN\", value:\"3151-3\");\n\n script_name(english:\"Ubuntu 16.04 LTS : linux-snapdragon vulnerability (USN-3151-3)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Philip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker\ncould use this to cause a denial of service (system crash) or run\narbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3151-3/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-4.4-snapdragon and / or\nlinux-image-snapdragon packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'AF_PACKET chocobo_root Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-8655\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3151-3\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1039-snapdragon\", pkgver:\"4.4.0-1039.43\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-snapdragon\", pkgver:\"4.4.0.1039.31\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-snapdragon / linux-image-snapdragon\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-25T13:34:32", "description": "Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-12-06T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : linux vulnerability (USN-3151-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3151-1.NASL", "href": "https://www.tenable.com/plugins/nessus/95569", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3151-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95569);\n script_version(\"2.12\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-8655\");\n script_xref(name:\"USN\", value:\"3151-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS : linux vulnerability (USN-3151-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Philip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker\ncould use this to cause a denial of service (system crash) or run\narbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3151-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'AF_PACKET chocobo_root Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-8655\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3151-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-53-generic\", pkgver:\"4.4.0-53.74\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-53-generic-lpae\", pkgver:\"4.4.0-53.74\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-53-lowlatency\", pkgver:\"4.4.0-53.74\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic\", pkgver:\"4.4.0.53.56\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"4.4.0.53.56\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"4.4.0.53.56\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-generic / linux-image-4.4-generic-lpae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-25T13:34:08", "description": "New kernel packages are available for Slackware 14.2 and -current to fix a security issue.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-12-13T00:00:00", "type": "nessus", "title": "Slackware 14.2 / current : kernel (SSA:2016-347-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:kernel-firmware", "p-cpe:/a:slackware:slackware_linux:kernel-generic", "p-cpe:/a:slackware:slackware_linux:kernel-generic-smp", "p-cpe:/a:slackware:slackware_linux:kernel-headers", "p-cpe:/a:slackware:slackware_linux:kernel-huge", "p-cpe:/a:slackware:slackware_linux:kernel-huge-smp", "p-cpe:/a:slackware:slackware_linux:kernel-modules", "p-cpe:/a:slackware:slackware_linux:kernel-modules-smp", "p-cpe:/a:slackware:slackware_linux:kernel-source", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2016-347-01.NASL", "href": "https://www.tenable.com/plugins/nessus/95723", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2016-347-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95723);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2016-8655\");\n script_xref(name:\"SSA\", value:\"2016-347-01\");\n\n script_name(english:\"Slackware 14.2 / current : kernel (SSA:2016-347-01)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New kernel packages are available for Slackware 14.2 and -current to\nfix a security issue.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.931787\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?570ee885\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'AF_PACKET chocobo_root Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-firmware\", pkgver:\"20161211git\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-generic\", pkgver:\"4.4.38\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-generic-smp\", pkgver:\"4.4.38_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-headers\", pkgver:\"4.4.38_smp\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-huge\", pkgver:\"4.4.38\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-huge-smp\", pkgver:\"4.4.38_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-modules\", pkgver:\"4.4.38\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-modules-smp\", pkgver:\"4.4.38_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"kernel-source\", pkgver:\"4.4.38_smp\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-firmware\", pkgver:\"20161211git\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-generic\", pkgver:\"4.4.38\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-headers\", pkgver:\"4.4.38\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-huge\", pkgver:\"4.4.38\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-modules\", pkgver:\"4.4.38\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"kernel-source\", pkgver:\"4.4.38\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"kernel-firmware\", pkgver:\"20161211git\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-generic\", pkgver:\"4.4.38\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-generic-smp\", pkgver:\"4.4.38_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-headers\", pkgver:\"4.4.38_smp\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-huge\", pkgver:\"4.4.38\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-huge-smp\", pkgver:\"4.4.38_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-modules\", pkgver:\"4.4.38\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-modules-smp\", pkgver:\"4.4.38_smp\", pkgarch:\"i686\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"kernel-source\", pkgver:\"4.4.38_smp\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kernel-firmware\", pkgver:\"20161211git\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kernel-generic\", pkgver:\"4.4.38\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kernel-headers\", pkgver:\"4.4.38\", pkgarch:\"x86\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kernel-huge\", pkgver:\"4.4.38\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kernel-modules\", pkgver:\"4.4.38\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"kernel-source\", pkgver:\"4.4.38\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-25T13:34:18", "description": "Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-12-06T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS : linux-raspi2 vulnerability (USN-3151-4)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "UBUNTU_USN-3151-4.NASL", "href": "https://www.tenable.com/plugins/nessus/95572", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3151-4. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95572);\n script_version(\"2.12\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-8655\");\n script_xref(name:\"USN\", value:\"3151-4\");\n\n script_name(english:\"Ubuntu 16.04 LTS : linux-raspi2 vulnerability (USN-3151-4)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Philip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker\ncould use this to cause a denial of service (system crash) or run\narbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3151-4/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-4.4-raspi2 and / or linux-image-raspi2\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'AF_PACKET chocobo_root Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-8655\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3151-4\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-4.4.0-1034-raspi2\", pkgver:\"4.4.0-1034.41\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"linux-image-raspi2\", pkgver:\"4.4.0.1034.33\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.4-raspi2 / linux-image-raspi2\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-25T13:34:32", "description": "Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-12-06T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux vulnerability (USN-3149-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3149-1.NASL", "href": "https://www.tenable.com/plugins/nessus/95566", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3149-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95566);\n script_version(\"2.12\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-8655\");\n script_xref(name:\"USN\", value:\"3149-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux vulnerability (USN-3149-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Philip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker\ncould use this to cause a denial of service (system crash) or run\narbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3149-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'AF_PACKET chocobo_root Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-8655\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3149-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-105-generic\", pkgver:\"3.13.0-105.152\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-105-generic-lpae\", pkgver:\"3.13.0-105.152\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-105-lowlatency\", pkgver:\"3.13.0-105.152\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic\", pkgver:\"3.13.0.105.113\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"3.13.0.105.113\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"3.13.0.105.113\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-25T13:34:48", "description": "USN-3149-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS.\n\nPhilip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2016-12-06T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-trusty vulnerability (USN-3149-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-8655"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-trusty", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-trusty", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-3149-2.NASL", "href": "https://www.tenable.com/plugins/nessus/95567", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3149-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95567);\n script_version(\"2.12\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-8655\");\n script_xref(name:\"USN\", value:\"3149-2\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-trusty vulnerability (USN-3149-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-3149-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu\n12.04 LTS.\n\nPhilip Pettersson discovered a race condition in the af_packet\nimplementation in the Linux kernel. A local unprivileged attacker\ncould use this to cause a denial of service (system crash) or run\narbitrary code with administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3149-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'AF_PACKET chocobo_root Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-trusty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-trusty\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-8655\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3149-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-105-generic\", pkgver:\"3.13.0-105.152~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-105-generic-lpae\", pkgver:\"3.13.0-105.152~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-generic-lpae-lts-trusty\", pkgver:\"3.13.0.105.96\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-generic-lts-trusty\", pkgver:\"3.13.0.105.96\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T14:20:15", "description": "An update of the linux package has been released.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-02-07T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Linux PHSA-2016-0014", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8655"], "modified": "2019-04-04T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2016-0014_LINUX.NASL", "href": "https://www.tenable.com/plugins/nessus/121658", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2016-0014. The text\n# itself is copyright (C) VMware, Inc.\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121658);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2019/04/04\");\n\n script_cve_id(\"CVE-2016-8655\");\n\n script_name(english:\"Photon OS 1.0: Linux PHSA-2016-0014\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-14.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-8655\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'AF_PACKET chocobo_root Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-4.4.35-3.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-debuginfo-4.4.35-3.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-dev-4.4.35-3.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-docs-4.4.35-3.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-drivers-gpu-4.4.35-3.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-esx-4.4.35-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-esx-debuginfo-4.4.35-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-esx-devel-4.4.35-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-esx-docs-4.4.35-4.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-oprofile-4.4.35-3.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-sound-4.4.35-3.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T14:12:08", "description": "An update for kernel-rt is now available for Red Hat Enterprise MRG 2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es) :\n\n* A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets implementation in the Linux kernel networking subsystem handled synchronization while creating the TPACKET_V3 ring buffer. A local user able to open a raw packet socket (requires the CAP_NET_RAW capability) could use this flaw to elevate their privileges on the system. (CVE-2016-8655, Important)\n\nRed Hat would like to thank Philip Pettersson for reporting this issue.\n\nEnhancement(s) :\n\n* Previously, the Broadcom bnx2x driver in the MRG kernel-rt used an incorrect PTP Hardware Clock (PHC) timer divisor value, which broke Precision Time Protocol (PTP) timestamping due to an unstable clock.\nThis update corrects the divisor value, and the PTP timestamping is now accurate, with monotonically increasing timestamp values.\n(BZ#1411139)", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-03-03T00:00:00", "type": "nessus", "title": "RHEL 6 : MRG (RHSA-2017:0402)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8655"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2017-0402.NASL", "href": "https://www.tenable.com/plugins/nessus/97513", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0402. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(97513);\n script_version(\"3.12\");\n script_cvs_date(\"Date: 2019/10/24 15:35:42\");\n\n script_cve_id(\"CVE-2016-8655\");\n script_xref(name:\"RHSA\", value:\"2017:0402\");\n\n script_name(english:\"RHEL 6 : MRG (RHSA-2017:0402)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel-rt is now available for Red Hat Enterprise MRG 2.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which\nenables fine-tuning for systems with extremely high determinism\nrequirements.\n\nSecurity Fix(es) :\n\n* A race condition issue leading to a use-after-free flaw was found in\nthe way the raw packet sockets implementation in the Linux kernel\nnetworking subsystem handled synchronization while creating the\nTPACKET_V3 ring buffer. A local user able to open a raw packet socket\n(requires the CAP_NET_RAW capability) could use this flaw to elevate\ntheir privileges on the system. (CVE-2016-8655, Important)\n\nRed Hat would like to thank Philip Pettersson for reporting this\nissue.\n\nEnhancement(s) :\n\n* Previously, the Broadcom bnx2x driver in the MRG kernel-rt used an\nincorrect PTP Hardware Clock (PHC) timer divisor value, which broke\nPrecision Time Protocol (PTP) timestamping due to an unstable clock.\nThis update corrects the divisor value, and the PTP timestamping is\nnow accurate, with monotonically increasing timestamp values.\n(BZ#1411139)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:0402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-8655\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'AF_PACKET chocobo_root Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-8655\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2017:0402\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:0402\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"mrg-release\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MRG\");\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-3.10.0-514.rt56.215.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-3.10.0-514.rt56.215.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-debuginfo-3.10.0-514.rt56.215.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-devel-3.10.0-514.rt56.215.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-3.10.0-514.rt56.215.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-common-x86_64-3.10.0-514.rt56.215.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-devel-3.10.0-514.rt56.215.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-rt-doc-3.10.0-514.rt56.215.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-rt-firmware-3.10.0-514.rt56.215.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-3.10.0-514.rt56.215.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-debuginfo-3.10.0-514.rt56.215.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-devel-3.10.0-514.rt56.215.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-3.10.0-514.rt56.215.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-debuginfo-3.10.0-514.rt56.215.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-devel-3.10.0-514.rt56.215.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt / kernel-rt-debug / kernel-rt-debug-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "photon": [{"lastseen": "2022-05-12T18:36:34", "description": "Updates of ['linux', 'linux-esx', 'linux-secure'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-13T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2018-0012", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18075"], "modified": "2018-01-13T00:00:00", "id": "PHSA-2018-0012", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-12", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-12T18:08:10", "description": "Updates of ['linux', 'linux-esx'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-13T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2018-0099", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18075"], "modified": "2018-01-13T00:00:00", "id": "PHSA-2018-0099", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-99", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "redhatcve": [{"lastseen": "2022-07-07T11:11:20", "description": "crypto/pcrypt.c in the Linux kernel, before 4.14.13, mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-29T05:20:04", "type": "redhatcve", "title": "CVE-2017-18075", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18075"], "modified": "2022-07-07T09:24:04", "id": "RH:CVE-2017-18075", "href": "https://access.redhat.com/security/cve/cve-2017-18075", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-07T11:09:35", "description": "An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next fields via an SIOCFINDIPDDPRT ioctl call.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-06T01:28:54", "type": "redhatcve", "title": "CVE-2018-20511", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20511"], "modified": "2022-07-07T10:51:17", "id": "RH:CVE-2018-20511", "href": "https://access.redhat.com/security/cve/cve-2018-20511", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-07-07T11:11:33", "description": "In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-03-06T10:18:56", "type": "redhatcve", "title": "CVE-2017-18216", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18216"], "modified": "2022-07-07T09:25:46", "id": "RH:CVE-2017-18216", "href": "https://access.redhat.com/security/cve/cve-2017-18216", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-07T11:10:06", "description": "An issue was discovered in the F2FS filesystem code in the Linux kernel in fs/f2fs/inode.c. A denial of service due to a slab out-of-bounds read can occur for a crafted f2fs filesystem image in which FI_EXTRA_ATTR is set in an inode.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2020-01-10T21:34:49", "type": "redhatcve", "title": "CVE-2018-13098", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-13098"], "modified": "2022-07-07T10:27:26", "id": "RH:CVE-2018-13098", "href": "https://access.redhat.com/security/cve/cve-2018-13098", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-09-02T22:50:37", "description": "In the Linux kernel's vmw_gb_surface_define_ioctl() function, in 'drivers/gpu/drm/vmwgfx/vmwgfx_surface.c' file, a 'req->mip_levels' is a user-controlled value which is later used as a loop count limit. This allows local unprivileged user to cause a denial of service by a kernel lockup via a crafted ioctl call for a '/dev/dri/renderD*' device.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-03-31T07:48:16", "type": "redhatcve", "title": "CVE-2017-7346", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7346"], "modified": "2020-04-08T20:39:36", "id": "RH:CVE-2017-7346", "href": "https://access.redhat.com/security/cve/cve-2017-7346", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-09-02T22:53:17", "description": "A heap-buffer overflow vulnerability was found in the arcmsr_iop_message_xfer() function in 'drivers/scsi/arcmsr/arcmsr_hba.c' file in the Linux kernel through 4.8.2. The function does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code. This can potentially cause kernel heap corruption and arbitrary kernel code execution.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-04-08T17:21:21", "type": "redhatcve", "title": "CVE-2016-7425", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7425"], "modified": "2020-05-06T19:37:54", "id": "RH:CVE-2016-7425", "href": "https://access.redhat.com/security/cve/CVE-2016-7425", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-02T22:49:18", "description": "It was found that the NFSv4 server in the Linux kernel did not properly validate layout type when processing NFSv4 pNFS LAYOUTGET and GETDEVICEINFO operands. A remote attacker could use this flaw to soft-lockup the system and thus cause denial of service.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-06-29T13:19:25", "type": "redhatcve", "title": "CVE-2017-8797", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8797"], "modified": "2020-08-21T16:49:04", "id": "RH:CVE-2017-8797", "href": "https://access.redhat.com/security/cve/cve-2017-8797", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-09-02T22:51:37", "description": "The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections allowing local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-01-25T13:47:50", "type": "redhatcve", "title": "CVE-2017-5577", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5577"], "modified": "2020-04-08T20:15:42", "id": "RH:CVE-2017-5577", "href": "https://access.redhat.com/security/cve/cve-2017-5577", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-09-02T22:50:12", "description": "The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allows users able to plant rogue PCI device on the system to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a \"double fetch\" vulnerability.\n#### Mitigation\n\nThis issue requires rogue PCI device to be planted on the system. Once such rogue PCI device is successfully planted however, attacker has usually more options for hostile takeover than just exploiting this issue. To mitigate this issue restrict physical access to your systems to only approved personnel (and generally follow general physical security guidelines) and do not use/insert into system PCI devices with unknown origin. \n\n", "cvss3": {"exploitabilityScore": 0.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 6.4, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2017-05-11T09:50:43", "type": "redhatcve", "title": "CVE-2017-8831", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8831"], "modified": "2021-06-02T09:42:33", "id": "RH:CVE-2017-8831", "href": "https://access.redhat.com/security/cve/cve-2017-8831", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-07T11:09:39", "description": "A memory leak in the irda_bind function in net/irda/af_irda.c in the Linux kernel, through 4.16, allows local users to cause a denial of service due to a memory consumption by repeatedly binding an AF_IRDA socket.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-07T11:29:36", "type": "redhatcve", "title": "CVE-2018-6554", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6554"], "modified": "2022-07-07T11:02:06", "id": "RH:CVE-2018-6554", "href": "https://access.redhat.com/security/cve/cve-2018-6554", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-09-02T22:51:16", "description": "A vulnerability was found in the Linux kernel where having malicious IP options present would cause the ipv4_pktinfo_prepare() function to drop/free the dst. This could result in a system crash or possible privilege escalation.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-02-13T11:12:18", "type": "redhatcve", "title": "CVE-2017-5970", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5970"], "modified": "2020-08-21T19:14:10", "id": "RH:CVE-2017-5970", "href": "https://access.redhat.com/security/cve/cve-2017-5970", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-07T11:09:11", "description": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-04T05:44:54", "type": "redhatcve", "title": "CVE-2018-16862", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862"], "modified": "2022-07-07T10:38:59", "id": "RH:CVE-2018-16862", "href": "https://access.redhat.com/security/cve/cve-2018-16862", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-01-21T00:08:39", "description": "A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets implementation in the Linux kernel networking subsystem handled synchronization while creating the TPACKET_V3 ring buffer. A local user able to open a raw packet socket (requires the CAP_NET_RAW capability) could use this flaw to elevate their privileges on the system.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-10-09T04:21:35", "type": "redhatcve", "title": "CVE-2016-8655", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8655"], "modified": "2022-01-20T21:59:33", "id": "RH:CVE-2016-8655", "href": "https://access.redhat.com/security/cve/CVE-2016-8655", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2022-08-04T13:52:52", "description": "crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing\ninstances, allowing a local user able to access the AF_ALG-based AEAD\ninterface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT)\nto cause a denial of service (kfree of an incorrect pointer) or possibly\nhave unspecified other impact by executing a crafted sequence of system\ncalls.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-24T00:00:00", "type": "ubuntucve", "title": "CVE-2017-18075", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18075"], "modified": "2018-01-24T00:00:00", "id": "UB:CVE-2017-18075", "href": "https://ubuntu.com/security/CVE-2017-18075", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-04T13:44:02", "description": "An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl\nfunction in drivers/net/appletalk/ipddp.c allows local users to obtain\nsensitive kernel address information by leveraging CAP_NET_ADMIN to read\nthe ipddp_route dev and next fields via an SIOCFINDIPDDPRT ioctl call.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | An attacker needs root privileges (the CAP_NET_ADMIN capability) to leverage this flaw.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-12-27T00:00:00", "type": "ubuntucve", "title": "CVE-2018-20511", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20511"], "modified": "2018-12-27T00:00:00", "id": "UB:CVE-2018-20511", "href": "https://ubuntu.com/security/CVE-2018-20511", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-04T13:51:47", "description": "In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local\nusers can cause a denial of service (NULL pointer dereference and BUG)\nbecause a required mutex is not used.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-03-05T00:00:00", "type": "ubuntucve", "title": "CVE-2017-18216", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18216"], "modified": "2018-03-05T00:00:00", "id": "UB:CVE-2017-18216", "href": "https://ubuntu.com/security/CVE-2017-18216", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:13:44", "description": "fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed\ninline extents, which allows local users to obtain sensitive pre-truncation\ninformation from a file via a clone action.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1521273>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support \n[tyhicks](<https://launchpad.net/~tyhicks>) | From the fix's commit message, \"This problem exists since the clone ioctl was added ...\". BTRFS_IOC_CLONE was added by f2eb0a24.\n", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.0, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2015-12-28T00:00:00", "type": "ubuntucve", "title": "CVE-2015-8374", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8374"], "modified": "2015-12-28T00:00:00", "id": "UB:CVE-2015-8374", "href": "https://ubuntu.com/security/CVE-2015-8374", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-10-26T14:14:38", "description": "An issue was discovered in fs/f2fs/inode.c in the Linux kernel through\n4.17.3. A denial of service (slab out-of-bounds read and BUG) can occur for\na modified f2fs filesystem image in which FI_EXTRA_ATTR is set in an inode.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[sbeattie](<https://launchpad.net/~sbeattie>) | fix commit subject \"f2fs: fix to do sanity check with extra_attr feature\" \n[tyhicks](<https://launchpad.net/~tyhicks>) | The affected user base for this issue is likely small since f2fs is not the default filesystem and it is not widely used in Ubuntu\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-07-03T00:00:00", "type": "ubuntucve", "title": "CVE-2018-13098", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-13098"], "modified": "2018-07-03T00:00:00", "id": "UB:CVE-2018-13098", "href": "https://ubuntu.com/security/CVE-2018-13098", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:03:19", "description": "The vmw_gb_surface_define_ioctl function in\ndrivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7\ndoes not validate certain levels data, which allows local users to cause a\ndenial of service (system hang) via a crafted ioctl call for a\n/dev/dri/renderD* device.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-03-30T00:00:00", "type": "ubuntucve", "title": "CVE-2017-7346", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7346"], "modified": "2017-03-30T00:00:00", "id": "UB:CVE-2017-7346", "href": "https://ubuntu.com/security/CVE-2017-7346", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-08-04T14:10:21", "description": "arch/arm64/include/asm/pgtable.h in the Linux kernel before\n3.15-rc5-next-20140519, as used in Android before 2016-07-05 on Nexus 5X\nand 6P devices, mishandles execute-only pages, which allows attackers to\ngain privileges via a crafted application, aka Android internal bug\n28557020.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-07-11T00:00:00", "type": "ubuntucve", "title": "CVE-2014-9803", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9803"], "modified": "2016-07-11T00:00:00", "id": "UB:CVE-2014-9803", "href": "https://ubuntu.com/security/CVE-2014-9803", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-18T14:41:59", "description": "The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in\nthe Linux kernel through 4.8.2 does not restrict a certain length field,\nwhich allows local users to gain privileges or cause a denial of service\n(heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control\ncode.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-10-16T00:00:00", "type": "ubuntucve", "title": "CVE-2016-7425", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7425"], "modified": "2016-10-16T00:00:00", "id": "UB:CVE-2016-7425", "href": "https://ubuntu.com/security/CVE-2016-7425", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-26T15:33:01", "description": "The implementation of certain splice_write file operations in the Linux\nkernel before 3.16 does not enforce a restriction on the maximum size of a\nsingle file, which allows local users to cause a denial of service (system\ncrash) or possibly have unspecified other impact via a crafted splice\nsystem call, as demonstrated by use of a file descriptor associated with an\next4 filesystem.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1416498>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {}, "published": "2015-03-16T00:00:00", "type": "ubuntucve", "title": "CVE-2014-7822", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-7822"], "modified": "2015-03-16T00:00:00", "id": "UB:CVE-2014-7822", "href": "https://ubuntu.com/security/CVE-2014-7822", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-04T14:00:34", "description": "The NFSv4 server in the Linux kernel before 4.11.3 does not properly\nvalidate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or\nLAYOUTGET operand in a UDP packet from a remote attacker. This type value\nis uninitialized upon encountering certain error conditions. This value is\nused as an array index for dereferencing, which leads to an OOPS and\neventually a DoS of knfsd and a soft-lockup of the whole system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-07-02T00:00:00", "type": "ubuntucve", "title": "CVE-2017-8797", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8797"], "modified": "2017-07-02T00:00:00", "id": "UB:CVE-2017-8797", "href": "https://ubuntu.com/security/CVE-2017-8797", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-08-04T14:05:28", "description": "The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore\nDRM driver in the Linux kernel before 4.9.7 does not set an errno value\nupon certain overflow detections, which allows local users to cause a\ndenial of service (incorrect pointer dereference and OOPS) via inconsistent\nsize values in a VC4_SUBMIT_CL ioctl call.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support \n[tyhicks](<https://launchpad.net/~tyhicks>) | See lkml.org link for the proposed fix. As of 2017-01-25, the fix has not been committed upstream.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-02-06T00:00:00", "type": "ubuntucve", "title": "CVE-2017-5577", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5577"], "modified": "2017-02-06T00:00:00", "id": "UB:CVE-2017-5577", "href": "https://ubuntu.com/security/CVE-2017-5577", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-08-04T14:01:57", "description": "The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in\nthe Linux kernel through 4.11.5 allows local users to cause a denial of\nservice (out-of-bounds array access) or possibly have unspecified other\nimpact by changing a certain sequence-number value, aka a \"double fetch\"\nvulnerability.\n\n#### Bugs\n\n * <https://bugzilla.kernel.org/show_bug.cgi?id=195559>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | Marking this issue as low since it requires relatively uncommon hardware\n", "cvss3": {"exploitabilityScore": 0.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.4, "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-08T00:00:00", "type": "ubuntucve", "title": "CVE-2017-8831", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8831"], "modified": "2017-05-08T00:00:00", "id": "UB:CVE-2017-8831", "href": "https://ubuntu.com/security/CVE-2017-8831", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-04T14:04:09", "description": "An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could\nenable a local malicious application to execute arbitrary code within the\ncontext of the kernel. This issue is rated as High because it first\nrequires compromising a privileged process. Product: Android. Versions:\nN/A. Android ID: A-32835279. References: QC-CR#1096945.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-03-08T00:00:00", "type": "ubuntucve", "title": "CVE-2017-0523", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0523"], "modified": "2017-03-08T00:00:00", "id": "UB:CVE-2017-0523", "href": "https://ubuntu.com/security/CVE-2017-0523", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-04T13:46:42", "description": "Memory leak in the irda_bind function in net/irda/af_irda.c and later in\ndrivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows\nlocal users to cause a denial of service (memory consumption) by repeatedly\nbinding an AF_IRDA socket.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | The irda subsystem was removed in 4.17\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-04T00:00:00", "type": "ubuntucve", "title": "CVE-2018-6554", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6554"], "modified": "2018-09-04T00:00:00", "id": "UB:CVE-2018-6554", "href": "https://ubuntu.com/security/CVE-2018-6554", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-08-04T14:12:46", "description": "sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking\napproach that does not consider slave timer instances, which allows local\nusers to cause a denial of service (race condition, use-after-free, and\nsystem crash) via a crafted ioctl call.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1549190>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.4, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.1, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-02-24T00:00:00", "type": "ubuntucve", "title": "CVE-2016-2547", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2547"], "modified": "2016-02-24T00:00:00", "id": "UB:CVE-2016-2547", "href": "https://ubuntu.com/security/CVE-2016-2547", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-08-04T14:05:07", "description": "The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux\nkernel through 4.9.9 allows attackers to cause a denial of service (system\ncrash) via (1) an application that makes crafted system calls or possibly\n(2) IPv4 traffic with invalid IP options.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[sbeattie](<https://launchpad.net/~sbeattie>) | upstream commit references d826eb14ecef as the break point, but Nicholas Leudkte's cve references f84af32cbca70a3c6d30463dc08c7984af11c277. The latter predates the former, and there is early dropping of the dst added there. even before the conversion in d826eb14ecef. \n[tyhicks](<https://launchpad.net/~tyhicks>) | In upstream 4.14, 61a1030 reverts the fix because 91ed1e6 removes the the usage of the SKB dst from __ip_options_echo(). So, an alternative fix for this CVE is 91ed1e6.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-02-14T00:00:00", "type": "ubuntucve", "title": "CVE-2017-5970", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5970"], "modified": "2017-02-14T00:00:00", "id": "UB:CVE-2017-5970", "href": "https://ubuntu.com/security/CVE-2017-5970", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T13:44:57", "description": "A security flaw was found in the Linux kernel in a way that the cleancache\nsubsystem clears an inode after the final file truncation (removal). The\nnew file created with the same inode may contain leftover pages from\ncleancache and the old file data instead of the new one.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=1649017>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | Only affects Ubuntu kernels running under Xen which use the tmem driver\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-26T00:00:00", "type": "ubuntucve", "title": "CVE-2018-16862", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862"], "modified": "2018-11-26T00:00:00", "id": "UB:CVE-2018-16862", "href": "https://ubuntu.com/security/CVE-2018-16862", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-18T14:39:52", "description": "Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12\nallows local users to gain privileges or cause a denial of service\n(use-after-free) by leveraging the CAP_NET_RAW capability to change a\nsocket version, related to the packet_set_ring and packet_setsockopt\nfunctions.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1646318>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-12-05T00:00:00", "type": "ubuntucve", "title": "CVE-2016-8655", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8655"], "modified": "2016-12-05T00:00:00", "id": "UB:CVE-2016-8655", "href": "https://ubuntu.com/security/CVE-2016-8655", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-03-23T15:11:20", "description": "crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-24T10:29:00", "type": "cve", "title": "CVE-2017-18075", "cwe": ["CWE-763"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18075"], "modified": "2019-10-03T00:03:00", "cpe": [], "id": "CVE-2017-18075", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18075", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2022-03-23T15:52:57", "description": "An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next fields via an SIOCFINDIPDDPRT ioctl call.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-12-27T14:29:00", "type": "cve", "title": "CVE-2018-20511", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20511"], "modified": "2019-04-01T21:29:00", "cpe": ["cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2018-20511", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-20511", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T15:13:40", "description": "In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-03-05T18:29:00", "type": "cve", "title": "CVE-2017-18216", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18216"], "modified": "2018-10-30T10:29:00", "cpe": [], "id": "CVE-2017-18216", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18216", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T14:17:17", "description": "fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action.", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.0, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2015-12-28T11:59:00", "type": "cve", "title": "CVE-2015-8374", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8374"], "modified": "2018-01-05T02:30:00", "cpe": ["cpe:/o:linux:linux_kernel:4.3.2"], "id": "CVE-2015-8374", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8374", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.3.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:48:30", "description": "An issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3. A denial of service (slab out-of-bounds read and BUG) can occur for a modified f2fs filesystem image in which FI_EXTRA_ATTR is set in an inode.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-07-03T10:29:00", "type": "cve", "title": "CVE-2018-13098", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-13098"], "modified": "2019-08-13T19:15:00", "cpe": ["cpe:/o:linux:linux_kernel:4.17.3"], "id": "CVE-2018-13098", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-13098", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.17.3:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T18:35:28", "description": "The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* device.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-03-30T23:59:00", "type": "cve", "title": "CVE-2017-7346", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7346"], "modified": "2017-11-04T01:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.10.7"], "id": "CVE-2017-7346", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7346", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.10.7:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T15:43:52", "description": "arch/arm64/include/asm/pgtable.h in the Linux kernel before 3.15-rc5-next-20140519, as used in Android before 2016-07-05 on Nexus 5X and 6P devices, mishandles execute-only pages, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28557020.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-07-11T01:59:00", "type": "cve", "title": "CVE-2014-9803", "cwe": ["CWE-19"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9803"], "modified": "2016-07-12T13:52:00", "cpe": ["cpe:/o:google:android:6.0.1", "cpe:/o:linux:linux_kernel:3.15"], "id": "CVE-2014-9803", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9803", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.15:rc4:*:*:*:*:*:*", "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-01-17T23:24:44", "description": "The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-10-16T21:59:00", "type": "cve", "title": "CVE-2016-7425", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7425"], "modified": "2023-01-17T21:15:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.10", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:12.04"], "id": "CVE-2016-7425", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7425", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"]}, {"lastseen": "2022-03-23T14:50:36", "description": "The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted splice system call, as demonstrated by use of a file descriptor associated with an ext4 filesystem.", "cvss3": {}, "published": "2015-03-16T10:59:00", "type": "cve", "title": "CVE-2014-7822", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-7822"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.15.8"], "id": "CVE-2014-7822", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7822", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.15.8:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T18:52:04", "description": "The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used as an array index for dereferencing, which leads to an OOPS and eventually a DoS of knfsd and a soft-lockup of the whole system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-07-02T17:29:00", "type": "cve", "title": "CVE-2017-8797", "cwe": ["CWE-129"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8797"], "modified": "2018-01-05T02:31:00", "cpe": ["cpe:/o:linux:linux_kernel:4.11.2"], "id": "CVE-2017-8797", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8797", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.11.2:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T17:53:49", "description": "The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-02-06T06:59:00", "type": "cve", "title": "CVE-2017-5577", "cwe": ["CWE-388"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5577"], "modified": "2017-02-08T18:32:00", "cpe": ["cpe:/o:linux:linux_kernel:4.9.6"], "id": "CVE-2017-5577", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5577", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.9.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T18:52:23", "description": "The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a \"double fetch\" vulnerability.", "cvss3": {"exploitabilityScore": 0.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.4, "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-05-08T06:29:00", "type": "cve", "title": "CVE-2017-8831", "cwe": ["CWE-125"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-8831"], "modified": "2021-06-01T19:14:00", "cpe": ["cpe:/o:debian:debian_linux:7.0", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:linux:linux_kernel:4.11.5"], "id": "CVE-2017-8831", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-8831", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T11:56:58", "description": "An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-32835279. References: QC-CR#1096945.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-03-08T01:59:00", "type": "cve", "title": "CVE-2017-0523", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0523"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18", "cpe:/o:google:android:7.1.1"], "id": "CVE-2017-0523", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0523", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T18:21:35", "description": "Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-04T18:29:00", "type": "cve", "title": "CVE-2018-6554", "cwe": ["CWE-772"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-6554"], "modified": "2019-10-09T23:41:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:canonical:ubuntu_linux:12.04"], "id": "CVE-2018-6554", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6554", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2022-03-23T13:07:24", "description": "sound/core/timer.c in the Linux kernel before 4.4.1 employs a locking approach that does not consider slave timer instances, which allows local users to cause a denial of service (race condition, use-after-free, and system crash) via a crafted ioctl call.", "cvss3": {"exploitabilityScore": 1.4, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.1, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-04-27T17:59:00", "type": "cve", "title": "CVE-2016-2547", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2547"], "modified": "2017-09-07T01:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.4"], "id": "CVE-2016-2547", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2547", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.4:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T17:59:48", "description": "The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-02-14T06:59:00", "type": "cve", "title": "CVE-2017-5970", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-5970"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:linux:linux_kernel:4.9.9"], "id": "CVE-2017-5970", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5970", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.9.9:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T14:19:58", "description": "A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-11-26T19:29:00", "type": "cve", "title": "CVE-2018-16862", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16862"], "modified": "2019-04-01T21:29:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:linux:linux_kernel:4.14", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:redhat:enterprise_linux:7.0"], "id": "CVE-2018-16862", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16862", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.14:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}], "debiancve": [{"lastseen": "2023-01-19T14:38:47", "description": "crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-24T10:29:00", "type": "debiancve", "title": "CVE-2017-18075", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18075"], "modified": "2018-01-24T10:29:00", "id": "DEBIANCVE:CVE-2017-18075", "href": "https://security-tracker.debian.org/tracker/CVE-2017-18075", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-19T14:38:49", "description": "An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next fields via an SIOCFINDIPDDPRT ioctl call.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-12-27T14:29:00", "type": "debiancve", "title": "CVE-2018-20511", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20511"], "modified": "2018-12-27T14:29:00", "id": "DEBIANCVE:CVE-2018-20511", "href": "https://security-tracker.debian.org/tracker/CVE-2018-20511", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-19T14:38:47", "description": "In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-03-05T18:29:00", "type": "debiancve", "title": "CVE-2017-18216", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18216"], "modified": "2018-03-05T18:29:00", "id": "DEBIANCVE:CVE-2017-18216", "href": "https://security-tracker.debian.org/tracker/CVE-2017-18216", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-19T14:38:45", "description": "fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action.", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.0, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2015-12-28T11:59:00", "type": "debiancve", "title": "CVE-2015-8374", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8374"], "modified": "2015-12-28T11:59:00", "id": "DEBIANCVE:CVE-2015-8374", "href": "https://security-tracker.debian.org/tracker/CVE-2015-8374", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-19T14:38:49", "description": "An issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3. A denial of service (slab out-of-bounds read and BUG) can occur for a modified f2fs filesystem image in which FI_EXTRA_ATTR is set in an inode.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-07-03T10:29:00", "type": "debiancve", "title": "CVE-2018-13098", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-13098"], "modified": "2018-07-03T10:29:00", "id": "DEBIANCVE:CVE-2018-13098", "href": "https://security-tracker.debian.org/tracker/CVE-2018-13098", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-19T14:38:48", "description": "The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial of service (system hang) via a crafted ioctl call for a /dev/dri/renderD* device.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-03-30T23:59:00", "type": "debiancve", "title": "CVE-2017-7346", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7346"], "modified": "2017-03-30T23:59:00", "id": "DEBIANCVE:CVE-2017-7346", "href": "https://security-tracker.debian.org/tracker/CVE-2017-7346", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-19T14:38:44", "description": "arch/arm64/include/asm/pgtable.h in the Linux kernel before 3.15-rc5-next-20140519, as used in Android before 2016-07-05 on Nexus 5X and 6P devices, mishandles execute-only pages, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28557020.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-07-11T01:59:00", "type": "debiancve", "title": "CVE-2014-9803", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9803"], "modified": "2016-07-11T01:59:00", "id": "DEBIANCVE:CVE-2014-9803", "href": "https://security-tracker.debian.org/tracker/CVE-2014-9803", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-19T14:38:46", "description": "The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-10-16T21:59:00", "type": "debiancve", "title": "CVE-2016-7425", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7425"], "modified": "2016-10-16T21:59:00", "id": "DEBIANCVE:CVE-2016-7425", "href": "https://security-tracker.debian.org/tracker/CVE-2016-7425", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-19T14:38:43", "description": "The implementation of certain splice_write file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted splice system call, as demonstrated by use of a file descriptor associated with an ext4 filesystem.", "cvss3": {}, "published": "2015-03-16T10:59:00", "type": "debiancve", "title": "CVE-2014-7822", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-7822"], "modified": "2015-03-16T10:59:00", "id": "DEBIANCVE:CVE-2014-7822", "href": "https://security-tracker.debian.org/tracker/CVE-2014-7822", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-19T14:38:48", "description": "The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used as an array index for dereferencing, which leads to an OOPS and eventually a DoS of knfsd and a soft-lockup of the whole system.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH&

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1482)

Description

Related