EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1505)

2019-05-13T00:00:00

Description

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.Security Fix(es):A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.(CVE-2018-5391)Multiple out-of-bounds write flaws were found in the way the Cherry Cymotion keyboard driver, KYE/Genius device drivers, Logitech device drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote control driver, and Sunplus wireless desktop driver handled HID reports with an invalid report descriptor size. An attacker with physical access to the system could use either of these flaws to write data past an allocated memory buffer.(CVE-2014-3184)The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl.(CVE-2017-18257)netetfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations. This allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all network namespaces.(CVE-2017-17450)A denial of service flaw was discovered in the Linux kernel, where a race condition caused a NULL pointer dereference in the RDS socket-creation code. A local attacker could use this flaw to create a situation in which a NULL pointer crashed the kernel.(CVE-2015-7990)An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.(CVE-2018-20169)mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.(CVE-2015-3288)The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.(CVE-2015-8660)A flaw was found in the Linux kernel where a local user with a shell account can abuse the userfaultfd syscall when using hugetlbfs. A missing size check in hugetlb_mcopy_atomic_pte could create an invalid inode variable, leading to a kernel panic.(CVE-2017-15128)An integer overflow flaw was found in the way the lzo1x_decompress_safe() function of the Linux kernel's LZO implementation processed Literal Runs. A local attacker could, in extremely rare cases, use this flaw to crash the system or, potentially, escalate their privileges on the system.(CVE-2014-4608)It was found that Linux kernel's ptrace subsystem did not properly sanitize the address-space-control bits when the program-status word (PSW) was being set. On IBM S/390 systems, a local, unprivileged user could use this flaw to set address-space-control bits to the kernel space, and thus gain read and write access to kernel memory.(CVE-2014-3534)A use-after-free flaw was found in the Linux kernel's file system encryption implementation. A local user could revoke keyring keys being used for ext4, f2fs, or ubifs encryption, causing a denial of service on the system.(CVE-2017-7374)The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet.(CVE-2016-3955)A flaw was found in the patches used to fix the 'dirtycow' vulnerability (CVE-2016-5195). An attacker, able to run local code, can exploit a race condition in transparent huge pages to modify usually read-only huge pages.(CVE-2017-1000405)The aio_mount function in fs/aio.c in the Linux kernel does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions.(CVE-2016-10044)The Serial Attached SCSI (SAS) implementation in the Linux kernel mishandles a mutex within libsas. This allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.(CVE-2017-18232)A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection.(CVE-2016-6828)The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application that triggers (1) an improperly fetched instruction or (2) an instruction that occupies too many bytes. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8480.(CVE-2014-8481)The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call.(CVE-2014-9904)The resv_map_release function in mm/hugetlb.c in the Linux kernel, through 4.15.7, allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.(CVE-2018-7740) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

{"id": "EULEROS_SA-2019-1505.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1505)", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system:\n memory allocation, process allocation, device input and output, etc.Security Fix(es):A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.(CVE-2018-5391)Multiple out-of-bounds write flaws were found in the way the Cherry Cymotion keyboard driver, KYE/Genius device drivers, Logitech device drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote control driver, and Sunplus wireless desktop driver handled HID reports with an invalid report descriptor size. An attacker with physical access to the system could use either of these flaws to write data past an allocated memory buffer.(CVE-2014-3184)The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl.(CVE-2017-18257)netetfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations. This allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all network namespaces.(CVE-2017-17450)A denial of service flaw was discovered in the Linux kernel, where a race condition caused a NULL pointer dereference in the RDS socket-creation code. A local attacker could use this flaw to create a situation in which a NULL pointer crashed the kernel.(CVE-2015-7990)An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to\n __usb_get_extra_descriptor in drivers/usb/core/usb.c.(CVE-2018-20169)mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.(CVE-2015-3288)The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.(CVE-2015-8660)A flaw was found in the Linux kernel where a local user with a shell account can abuse the userfaultfd syscall when using hugetlbfs.\n A missing size check in hugetlb_mcopy_atomic_pte could create an invalid inode variable, leading to a kernel panic.(CVE-2017-15128)An integer overflow flaw was found in the way the lzo1x_decompress_safe() function of the Linux kernel's LZO implementation processed Literal Runs. A local attacker could, in extremely rare cases, use this flaw to crash the system or, potentially, escalate their privileges on the system.(CVE-2014-4608)It was found that Linux kernel's ptrace subsystem did not properly sanitize the address-space-control bits when the program-status word (PSW) was being set. On IBM S/390 systems, a local, unprivileged user could use this flaw to set address-space-control bits to the kernel space, and thus gain read and write access to kernel memory.(CVE-2014-3534)A use-after-free flaw was found in the Linux kernel's file system encryption implementation. A local user could revoke keyring keys being used for ext4, f2fs, or ubifs encryption, causing a denial of service on the system.(CVE-2017-7374)The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet.(CVE-2016-3955)A flaw was found in the patches used to fix the 'dirtycow' vulnerability (CVE-2016-5195). An attacker, able to run local code, can exploit a race condition in transparent huge pages to modify usually read-only huge pages.(CVE-2017-1000405)The aio_mount function in fs/aio.c in the Linux kernel does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions.(CVE-2016-10044)The Serial Attached SCSI (SAS) implementation in the Linux kernel mishandles a mutex within libsas. This allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.(CVE-2017-18232)A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection.(CVE-2016-6828)The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application that triggers (1) an improperly fetched instruction or (2) an instruction that occupies too many bytes. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8480.(CVE-2014-8481)The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call.(CVE-2014-9904)The resv_map_release function in mm/hugetlb.c in the Linux kernel, through 4.15.7, allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.(CVE-2018-7740)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2019-05-13T00:00:00", "modified": "2021-02-09T00:00:00", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/124828", "reporter": "This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7374", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000405", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15128", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6828", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8481", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18257", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3534", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3955", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9904", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3288", "http://www.nessus.org/u?0dd8d759", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5391", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10044", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17450", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20169", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3184", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7740", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7990", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18232", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8660", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608"], "cvelist": ["CVE-2014-3184", "CVE-2014-3534", "CVE-2014-4608", "CVE-2014-8481", "CVE-2014-9904", "CVE-2015-3288", "CVE-2015-7990", "CVE-2015-8660", "CVE-2016-10044", "CVE-2016-3955", "CVE-2016-6828", "CVE-2017-1000405", "CVE-2017-15128", "CVE-2017-17450", "CVE-2017-18232", "CVE-2017-18257", "CVE-2017-7374", "CVE-2018-20169", "CVE-2018-5391", "CVE-2018-7740"], "immutableFields": [], "lastseen": "2022-02-21T02:17:07", "viewCount": 12, "enchantments": {"dependencies": {"references": [{"type": "akamaiblog", "idList": ["AKAMAIBLOG:CA172BF5AAF741436B9DD55773785FB3"]}, {"type": "amazon", "idList": ["ALAS-2014-368", "ALAS-2016-740", "ALAS-2017-937", "ALAS-2018-1058", "ALAS-2018-944", "ALAS-2018-956", "ALAS-2018-993", "ALAS-2019-1145", "ALAS2-2018-1058", "ALAS2-2018-956", "ALAS2-2019-1145", "ALAS2-2020-1480"]}, {"type": "android", "idList": ["ANDROID:CVE-2015-3288", "ANDROID:CVE-2016-6828"]}, {"type": "androidsecurity", "idList": ["ANDROID:2016-08-01", "ANDROID:2016-11-01", "ANDROID:2017-01-01", "ANDROID:2017-02-01", "ANDROID:2017-10-01"]}, {"type": "archlinux", "idList": ["ASA-201411-14", "ASA-201801-4"]}, {"type": "canvas", "idList": ["OVERLAYFS_SETATTR"]}, {"type": "centos", "idList": ["CESA-2014:1023", "CESA-2014:1392", "CESA-2014:1971", "CESA-2015:1272", "CESA-2015:2152", "CESA-2016:1539", "CESA-2017:0036", "CESA-2017:0086", "CESA-2018:2846", "CESA-2018:3083", "CESA-2020:1016"]}, {"type": "cert", "idList": ["VU:641765"]}, {"type": "checkpoint_security", "idList": ["CPS:SK134054", "CPS:SK134253"]}, {"type": "cisa", "idList": ["CISA:C541BA16D95B14C2CBD295BC9DE8EA16"]}, {"type": "cisco", "idList": ["CISCO-SA-20180824-LINUX-IP-FRAGMENT"]}, {"type": "citrix", "idList": ["CTX237244"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:0BD4290D520A235B05B93F0ACF4B7C2B", "CFOUNDRY:3021E4215989A1024954356EA766D914", "CFOUNDRY:40058483A2E2195544934D494FF464F7", "CFOUNDRY:6D0A7CF1EF35A1C96485B4FC10A51978", "CFOUNDRY:74EC63FE794662FC4DFD36709B39475A", "CFOUNDRY:B6F9117DDC7188793F0CD8F25AB1B9C7", "CFOUNDRY:DC8819DC530904F76913C7D9F499576C", "CFOUNDRY:DD5D1D9C6111945649F25AEC016BA994", "CFOUNDRY:DFAB11FD33D131C30AACDE9F4864FC0F", "CFOUNDRY:E0F2211F76756FB0A1DC15D3072C87A0", "CFOUNDRY:E36E8558D6E84664F9D34B4A9E5179AC", "CFOUNDRY:FE675C625F5EEDC7C5C065721F8F1D96"]}, {"type": "cve", "idList": ["CVE-2014-3184", "CVE-2014-3534", "CVE-2014-4608", "CVE-2014-8481", "CVE-2014-9904", "CVE-2015-3288", "CVE-2015-7990", "CVE-2015-8660", "CVE-2016-10044", "CVE-2016-3955", "CVE-2016-6828", "CVE-2017-1000405", "CVE-2017-15128", "CVE-2017-17450", "CVE-2017-18232", "CVE-2017-18257", "CVE-2017-7374", "CVE-2018-20169", "CVE-2018-5391", "CVE-2018-7740"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1369-1:33F82", "DEBIAN:DLA-1466-1:48FF6", "DEBIAN:DLA-1715-1:4A3F9", "DEBIAN:DLA-1731-1:D19BD", "DEBIAN:DLA-1731-2:E6E1E", "DEBIAN:DLA-1771-1:3CE68", "DEBIAN:DLA-246-1:C824B", "DEBIAN:DLA-246-2:ABC0D", "DEBIAN:DLA-360-1:6C323", "DEBIAN:DLA-516-1:B66B7", "DEBIAN:DLA-609-1:1025A", "DEBIAN:DSA-2992-1:46152", "DEBIAN:DSA-2992-1:BF624", "DEBIAN:DSA-3396-1:605FF", "DEBIAN:DSA-3396-1:D48F1", "DEBIAN:DSA-3607-1:0BD6E", "DEBIAN:DSA-3607-1:29E1C", "DEBIAN:DSA-3616-1:690FB", "DEBIAN:DSA-3616-1:8F5D7", "DEBIAN:DSA-3659-1:3F508", "DEBIAN:DSA-3659-1:5EA31", "DEBIAN:DSA-4073-1:79398", "DEBIAN:DSA-4082-1:57979", "DEBIAN:DSA-4082-1:58978", "DEBIAN:DSA-4187-1:481CA", "DEBIAN:DSA-4187-1:E8170", "DEBIAN:DSA-4188-1:B3909", "DEBIAN:DSA-4188-1:E4177", "DEBIAN:DSA-4272-1:8EBA1", "DEBIAN:DSA-4272-1:F720F"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-3184", "DEBIANCVE:CVE-2014-3534", "DEBIANCVE:CVE-2014-4608", "DEBIANCVE:CVE-2014-8481", "DEBIANCVE:CVE-2014-9904", "DEBIANCVE:CVE-2015-3288", "DEBIANCVE:CVE-2015-7990", "DEBIANCVE:CVE-2015-8660", "DEBIANCVE:CVE-2016-10044", "DEBIANCVE:CVE-2016-3955", "DEBIANCVE:CVE-2016-6828", "DEBIANCVE:CVE-2017-1000405", "DEBIANCVE:CVE-2017-15128", "DEBIANCVE:CVE-2017-17450", "DEBIANCVE:CVE-2017-18232", "DEBIANCVE:CVE-2017-18257", "DEBIANCVE:CVE-2017-7374", "DEBIANCVE:CVE-2018-20169", "DEBIANCVE:CVE-2018-5391", "DEBIANCVE:CVE-2018-7740"]}, {"type": "exploitdb", "idList": ["EDB-ID:39166", "EDB-ID:40688", "EDB-ID:40731", "EDB-ID:43199"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:1FBD31E3DB245782B704F7FD19F38A9F", "EXPLOITPACK:8F6B8C76EEF53C6BFF861531661BE5F3", "EXPLOITPACK:D8B1BFCB08D0FAA92CCBDBD01EF88A3F"]}, {"type": "f5", "idList": ["F5:K02433339", "F5:K07560020", "F5:K15512", "F5:K30905674", "F5:K61968355", "F5:K62442245", "F5:K74374841", "F5:K74413297", "F5:K94730263", "F5:K95343321", "F5:K98102572", "SOL07560020", "SOL15512", "SOL15912", "SOL30905674", "SOL98102572"]}, {"type": "fedora", "idList": ["FEDORA:08D3760E6566", "FEDORA:10F7D6255145", "FEDORA:122AE604D3F9", "FEDORA:131186087E1C", "FEDORA:1835E22100", "FEDORA:18E4222173", "FEDORA:1CAC0608E6F2", "FEDORA:1CCC322073", "FEDORA:1EFAB60ACFB0", "FEDORA:20D7E60157CD", "FEDORA:222BB6075B34", "FEDORA:22E2B607603F", "FEDORA:23B6E225A0", "FEDORA:250CB6087A80", "FEDORA:25BDD6190ECF", "FEDORA:2784A21C29", "FEDORA:29049600CFF3", "FEDORA:29FCE65ECD33", "FEDORA:2BA602158D", "FEDORA:2EEE52123F", "FEDORA:2F13360877A3", "FEDORA:3060D60E9A21", "FEDORA:3266960F0E44", "FEDORA:33D8860877E1", "FEDORA:36864607A1B4", "FEDORA:39B5660877A6", "FEDORA:3A6466075B34", "FEDORA:3CCDE601B23D", "FEDORA:41B546014626", "FEDORA:42DA3601FD86", "FEDORA:4359160906D1", "FEDORA:44065605602A", "FEDORA:4832F6079717", "FEDORA:4D5AD601FDAC", "FEDORA:50E6E6087656", "FEDORA:52C43604E44B", "FEDORA:581F9608B7DF", "FEDORA:5C88A6062CA9", "FEDORA:5D742610B071", "FEDORA:5F9DC60BDC80", "FEDORA:648496077DD1", "FEDORA:6675C6051CCF", "FEDORA:6B66A6047312", "FEDORA:6EC6360BEA04", "FEDORA:6F1BC604D0C1", "FEDORA:74245604D4DA", "FEDORA:7640C641CB61", "FEDORA:7734E613B647", "FEDORA:7960A6049C56", "FEDORA:7F8C960BC98D", "FEDORA:84C4E22D8F", "FEDORA:87BD56087904", "FEDORA:8E01360DC908", "FEDORA:8F974604E846", "FEDORA:909D360491BF", "FEDORA:9330A21FE6", "FEDORA:95A686085F81", "FEDORA:975D760A94D0", "FEDORA:9BC696049C57", "FEDORA:9E3D9606D195", "FEDORA:A4C8660C350E", "FEDORA:AB52460321C9", "FEDORA:AE7DF602F5A9", "FEDORA:B395E6087A9D", "FEDORA:B54D264CBCAC", "FEDORA:B87B460876BA", "FEDORA:BBFE360460D0", "FEDORA:BD35260BC96F", "FEDORA:BD41660BC2B1", "FEDORA:C26F460906BA", "FEDORA:C35B860CD859", "FEDORA:C49D061F375F", "FEDORA:C56CF6087715", "FEDORA:C64AE6007F37", "FEDORA:CFDB8604972F", "FEDORA:D15E060F33C2", "FEDORA:D6CAE607A456", "FEDORA:D6F86601E6D9", "FEDORA:DF5176048167", "FEDORA:DFF016087D0B", "FEDORA:E1D7E6031252", "FEDORA:E328560486E4", "FEDORA:E37FD60924F1", "FEDORA:E6F08605DCE7", "FEDORA:E93AE6077DCD", "FEDORA:EBB026048D2E", "FEDORA:EF73760748F5"]}, {"type": "freebsd", "idList": ["D1F5E12A-FD5A-11E3-A108-080027EF73EC"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20190123-01-LINUX", "HUAWEI-SA-20200115-01-LINUX"]}, {"type": "ibm", "idList": ["0D95BD029EF7D61B7C200E5DCF5114404F54883607A0E5A132C410EA37160E69", "289F46B747F4C8F26E8F8D17623E34EDE1DB7595184FCDCC87FEDCC356AC9965", "2AD1085FDB0395E5C256FE4D0F4CB2974731A64B2BB5F290682C9F754F8F63BE", "2FE97BC0DB8A3B1BCF85FF8F69828770D4396C7CC3ABD37202D8089D2CADF87B", "3E3AF8AC7BA63076BEE8FFB670B3A3F27E0903C83526E54496E50EB2DF74B875", "61EAA34D5E4645B71F124164E8135272DB3119CF3ABDC2864377B692FCF87527", "658C6A388449448220E16F3A05A122A56F35F4A9A9370C4B63DC0779B971B6CE", "6F75059EBDF719D84C8DC0CA4BAADF9428544BDAFCEEAE62F4225A55CA1E8AF0", "9148A44BD9A1C1A13CCEBD8F0346557CF005830103920CDDC01519240525CB58", "AED01AE411153EF61F18A5379A53E9FF22A1966A07D8367620044DFB22FE9466", "AF6E3EC9D5A5C3CF688EF87142347E0688A4AE1CB6831F92326966B86BF2D9C1", "B4234BB25932228355DB83C8FFB289B07CC2F57510D6DB1E2521E835FBB4B534", "D985488BCABE1A6D7BF676B029366FA571E4B1815D450B6390009413E9756D62", "DD411EA1F77F18E57C4DC818864CB0D5837DAEB7CFD8747629F8FCD7F969497C", "F092FBBD34304315E258962CA397F72D24D88CD673A181734FDCE39754098484"]}, {"type": "ics", "idList": ["ICSA-20-105-05"]}, {"type": "kitploit", "idList": ["KITPLOIT:5167596251841349275"]}, {"type": "lenovo", "idList": ["LENOVO:PS500321-NOSID"]}, {"type": "mageia", "idList": ["MGAA-2016-0134", "MGASA-2016-0005", "MGASA-2016-0014", "MGASA-2016-0015", "MGASA-2016-0347", "MGASA-2016-0364", "MGASA-2018-0391", "MGASA-2018-0418", "MGASA-2018-0419"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-LINUX-LOCAL-OVERLAYFS_PRIV_ESC-"]}, {"type": "mscve", "idList": ["MS:ADV180022"]}, {"type": "nessus", "idList": ["801970.PRM", "AL2_ALAS-2018-1058.NASL", "AL2_ALAS-2018-956.NASL", "AL2_ALAS-2019-1145.NASL", "AL2_ALAS-2020-1480.NASL", "ALA_ALAS-2014-368.NASL", "ALA_ALAS-2016-740.NASL", "ALA_ALAS-2017-937.NASL", "ALA_ALAS-2018-1058.NASL", "ALA_ALAS-2018-944.NASL", "ALA_ALAS-2018-956.NASL", "ALA_ALAS-2018-993.NASL", "ALA_ALAS-2019-1145.NASL", "ARISTA_CVP_SA0037.NASL", "ARISTA_EOS_SA0037.NASL", "CENTOS8_RHSA-2019-3517.NASL", "CENTOS_RHSA-2014-1023.NASL", "CENTOS_RHSA-2014-1392.NASL", "CENTOS_RHSA-2014-1971.NASL", "CENTOS_RHSA-2015-1272.NASL", "CENTOS_RHSA-2015-2152.NASL", "CENTOS_RHSA-2016-1539.NASL", "CENTOS_RHSA-2017-0036.NASL", "CENTOS_RHSA-2017-0086.NASL", "CENTOS_RHSA-2018-2846.NASL", "CENTOS_RHSA-2018-3083.NASL", "CENTOS_RHSA-2020-1016.NASL", "CISCO-SA-20180824-APIC.NASL", "CISCO-SA-20180824-IOSXE.NASL", "DEBIAN_DLA-1369.NASL", "DEBIAN_DLA-1466.NASL", "DEBIAN_DLA-1715.NASL", "DEBIAN_DLA-1731.NASL", "DEBIAN_DLA-1771.NASL", "DEBIAN_DLA-246.NASL", "DEBIAN_DLA-360.NASL", "DEBIAN_DLA-516.NASL", "DEBIAN_DLA-609.NASL", "DEBIAN_DSA-2992.NASL", "DEBIAN_DSA-3396.NASL", "DEBIAN_DSA-3607.NASL", "DEBIAN_DSA-3616.NASL", "DEBIAN_DSA-3659.NASL", "DEBIAN_DSA-4073.NASL", "DEBIAN_DSA-4082.NASL", "DEBIAN_DSA-4187.NASL", "DEBIAN_DSA-4188.NASL", "DEBIAN_DSA-4272.NASL", "EULEROS_SA-2016-1020.NASL", "EULEROS_SA-2018-1026.NASL", "EULEROS_SA-2018-1031.NASL", "EULEROS_SA-2018-1278.NASL", "EULEROS_SA-2018-1279.NASL", "EULEROS_SA-2018-1352.NASL", "EULEROS_SA-2019-1076.NASL", "EULEROS_SA-2019-1108.NASL", "EULEROS_SA-2019-1131.NASL", "EULEROS_SA-2019-1156.NASL", "EULEROS_SA-2019-1168.NASL", "EULEROS_SA-2019-1229.NASL", "EULEROS_SA-2019-1480.NASL", "EULEROS_SA-2019-1483.NASL", "EULEROS_SA-2019-1485.NASL", "EULEROS_SA-2019-1487.NASL", "EULEROS_SA-2019-1488.NASL", "EULEROS_SA-2019-1489.NASL", "EULEROS_SA-2019-1491.NASL", "EULEROS_SA-2019-1492.NASL", "EULEROS_SA-2019-1494.NASL", "EULEROS_SA-2019-1501.NASL", "EULEROS_SA-2019-1512.NASL", "EULEROS_SA-2019-2353.NASL", "EULEROS_SA-2019-2599.NASL", "EULEROS_SA-2020-1674.NASL", "F5_BIGIP_SOL62442245.NASL", "F5_BIGIP_SOL74374841.NASL", "F5_BIGIP_SOL74413297.NASL", "F5_BIGIP_SOL98102572.NASL", "FEDORA_2014-14126.NASL", "FEDORA_2014-7863.NASL", "FEDORA_2014-8487.NASL", "FEDORA_2014-9010.NASL", "FEDORA_2014-9142.NASL", "FEDORA_2015-115C302856.NASL", "FEDORA_2015-CD94AD8D7C.NASL", "FEDORA_2015-F2C534BC12.NASL", "FEDORA_2016-2E5EBFED6D.NASL", "FEDORA_2016-373C063E79.NASL", "FEDORA_2016-5E24D8C350.NASL", "FEDORA_2016-723350DD75.NASL", "FEDORA_2016-7F37D42ADD.NASL", "FEDORA_2016-8A1F49149E.NASL", "FEDORA_2016-F1ADAAADC6.NASL", "FEDORA_2017-129969AA8A.NASL", "FEDORA_2017-9EA11E444D.NASL", "FEDORA_2017-B0C1F44130.NASL", "FEDORA_2017-BA6B6E71F7.NASL", "FEDORA_2018-6E8C330D50.NASL", "FEDORA_2018-BA39FC0E07.NASL", "FEDORA_2018-E378863E47.NASL", "FREEBSD_PKG_D1F5E12AFD5A11E3A108080027EF73EC.NASL", "JUNIPER_SPACE_JSA10917_184R1.NASL", "MANDRIVA_MDVSA-2014-155.NASL", "MANDRIVA_MDVSA-2014-201.NASL", "NEWSTART_CGSL_NS-SA-2019-0044_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0049_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2019-0143_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2020-0041_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2020-0043_KERNEL-RT.NASL", "NEWSTART_CGSL_NS-SA-2020-0108_KERNEL.NASL", "OPENSUSE-2014-791.NASL", "OPENSUSE-2014-793.NASL", "OPENSUSE-2015-879.NASL", "OPENSUSE-2016-1015.NASL", "OPENSUSE-2016-1029.NASL", "OPENSUSE-2016-1076.NASL", "OPENSUSE-2016-1227.NASL", "OPENSUSE-2016-124.NASL", "OPENSUSE-2016-136.NASL", "OPENSUSE-2016-1410.NASL", "OPENSUSE-2016-753.NASL", "OPENSUSE-2017-1390.NASL", "OPENSUSE-2017-1391.NASL", "OPENSUSE-2017-532.NASL", "OPENSUSE-2018-377.NASL", "OPENSUSE-2018-514.NASL", "OPENSUSE-2018-885.NASL", "OPENSUSE-2018-886.NASL", "OPENSUSE-2019-140.NASL", "OPENSUSE-2019-274.NASL", "OPENSUSE-2019-618.NASL", "OPENSUSE-2019-65.NASL", "ORACLELINUX_ELSA-2014-1023.NASL", "ORACLELINUX_ELSA-2014-1392.NASL", "ORACLELINUX_ELSA-2014-1971.NASL", "ORACLELINUX_ELSA-2014-3096.NASL", "ORACLELINUX_ELSA-2014-3105.NASL", "ORACLELINUX_ELSA-2015-0290.NASL", "ORACLELINUX_ELSA-2015-1272.NASL", "ORACLELINUX_ELSA-2015-2152.NASL", "ORACLELINUX_ELSA-2016-1539.NASL", "ORACLELINUX_ELSA-2016-3593.NASL", "ORACLELINUX_ELSA-2017-0036.NASL", "ORACLELINUX_ELSA-2017-0086.NASL", "ORACLELINUX_ELSA-2017-1842-1.NASL", "ORACLELINUX_ELSA-2017-3508.NASL", "ORACLELINUX_ELSA-2017-3509.NASL", "ORACLELINUX_ELSA-2017-3510.NASL", "ORACLELINUX_ELSA-2017-3636.NASL", "ORACLELINUX_ELSA-2017-3637.NASL", "ORACLELINUX_ELSA-2017-3651.NASL", "ORACLELINUX_ELSA-2017-3657.NASL", "ORACLELINUX_ELSA-2017-3658.NASL", "ORACLELINUX_ELSA-2017-3659.NASL", "ORACLELINUX_ELSA-2018-2846.NASL", "ORACLELINUX_ELSA-2018-3083.NASL", "ORACLELINUX_ELSA-2018-4071.NASL", "ORACLELINUX_ELSA-2018-4195.NASL", "ORACLELINUX_ELSA-2018-4196.NASL", "ORACLELINUX_ELSA-2019-4316.NASL", "ORACLELINUX_ELSA-2019-4729.NASL", "ORACLELINUX_ELSA-2019-4850.NASL", "ORACLELINUX_ELSA-2019-4854.NASL", "ORACLELINUX_ELSA-2019-4855.NASL", "ORACLEVM_OVMSA-2016-0094.NASL", "ORACLEVM_OVMSA-2017-0004.NASL", "ORACLEVM_OVMSA-2017-0005.NASL", "ORACLEVM_OVMSA-2017-0006.NASL", "ORACLEVM_OVMSA-2017-0057.NASL", "ORACLEVM_OVMSA-2017-0168.NASL", "ORACLEVM_OVMSA-2017-0172.NASL", "ORACLEVM_OVMSA-2017-0173.NASL", "ORACLEVM_OVMSA-2017-0174.NASL", "ORACLEVM_OVMSA-2018-0015.NASL", "ORACLEVM_OVMSA-2018-0035.NASL", "ORACLEVM_OVMSA-2019-0002.NASL", "ORACLEVM_OVMSA-2019-0038.NASL", "PALO_ALTO_PAN-SA-2018-0012.NASL", "PHOTONOS_PHSA-2017-1_0-0093.NASL", "PHOTONOS_PHSA-2017-1_0-0093_LINUX.NASL", "PHOTONOS_PHSA-2017-2_0-0008.NASL", "PHOTONOS_PHSA-2017-2_0-0008_LINUX.NASL", "PHOTONOS_PHSA-2018-1_0-0096.NASL", "PHOTONOS_PHSA-2018-1_0-0096_LINUX.NASL", "PHOTONOS_PHSA-2018-1_0-0161.NASL", "PHOTONOS_PHSA-2018-1_0-0161_LINUX.NASL", "PHOTONOS_PHSA-2018-2_0-0009.NASL", "PHOTONOS_PHSA-2018-2_0-0009_LINUX.NASL", "PHOTONOS_PHSA-2018-2_0-0072.NASL", "PHOTONOS_PHSA-2018-2_0-0072_LINUX.NASL", "PHOTONOS_PHSA-2018-2_0-0109_LINUX.NASL", "REDHAT-RHSA-2014-1023.NASL", "REDHAT-RHSA-2014-1318.NASL", "REDHAT-RHSA-2014-1392.NASL", "REDHAT-RHSA-2014-1971.NASL", "REDHAT-RHSA-2015-0062.NASL", "REDHAT-RHSA-2015-1272.NASL", "REDHAT-RHSA-2015-2152.NASL", "REDHAT-RHSA-2016-1532.NASL", "REDHAT-RHSA-2016-1539.NASL", "REDHAT-RHSA-2016-1541.NASL", "REDHAT-RHSA-2017-0036.NASL", "REDHAT-RHSA-2017-0086.NASL", "REDHAT-RHSA-2017-0091.NASL", "REDHAT-RHSA-2017-0113.NASL", "REDHAT-RHSA-2018-2785.NASL", "REDHAT-RHSA-2018-2791.NASL", "REDHAT-RHSA-2018-2846.NASL", "REDHAT-RHSA-2018-2924.NASL", "REDHAT-RHSA-2018-2925.NASL", "REDHAT-RHSA-2018-2933.NASL", "REDHAT-RHSA-2018-2948.NASL", "REDHAT-RHSA-2018-3083.NASL", "REDHAT-RHSA-2018-3096.NASL", "REDHAT-RHSA-2018-3459.NASL", "REDHAT-RHSA-2018-3540.NASL", "REDHAT-RHSA-2018-3586.NASL", "REDHAT-RHSA-2018-3590.NASL", "REDHAT-RHSA-2019-3309.NASL", "REDHAT-RHSA-2019-3517.NASL", "REDHAT-RHSA-2020-1016.NASL", "REDHAT-RHSA-2020-1070.NASL", "REDHAT-RHSA-2020-2522.NASL", "REDHAT-RHSA-2020-2770.NASL", "REDHAT-RHSA-2020-2777.NASL", "REDHAT-RHSA-2020-2851.NASL", "SLACKWARE_SSA_2019-030-01.NASL", "SLACKWARE_SSA_2019-169-01.NASL", "SL_20141014_KERNEL_ON_SL6_X.NASL", "SL_20141209_KERNEL_ON_SL7_X.NASL", "SL_20150722_KERNEL_ON_SL6_X.NASL", "SL_20160802_KERNEL_ON_SL7_X.NASL", "SL_20170110_KERNEL_ON_SL6_X.NASL", "SL_20170117_KERNEL_ON_SL7_X.NASL", "SL_20181009_KERNEL_ON_SL6_X.NASL", "SL_20181030_KERNEL_ON_SL7_X.NASL", "SL_20200407_KERNEL_ON_SL7_X.NASL", "SUSE_11_KERNEL-141202.NASL", "SUSE_11_KERNEL-141217.NASL", "SUSE_11_KERNEL-150306.NASL", "SUSE_SU-2015-0481-1.NASL", "SUSE_SU-2015-0652-1.NASL", "SUSE_SU-2015-0812-1.NASL", "SUSE_SU-2015-2108-1.NASL", "SUSE_SU-2015-2194-1.NASL", "SUSE_SU-2015-2292-1.NASL", "SUSE_SU-2015-2339-1.NASL", "SUSE_SU-2016-0585-1.NASL", "SUSE_SU-2016-1203-1.NASL", "SUSE_SU-2016-2074-1.NASL", "SUSE_SU-2016-2105-1.NASL", "SUSE_SU-2016-2245-1.NASL", "SUSE_SU-2016-2912-1.NASL", "SUSE_SU-2016-2976-1.NASL", "SUSE_SU-2017-0333-1.NASL", "SUSE_SU-2017-0471-1.NASL", "SUSE_SU-2017-0494-1.NASL", "SUSE_SU-2017-1183-1.NASL", "SUSE_SU-2017-1247-1.NASL", "SUSE_SU-2017-1301-1.NASL", "SUSE_SU-2017-1360-1.NASL", "SUSE_SU-2017-1613-1.NASL", "SUSE_SU-2017-3210-1.NASL", "SUSE_SU-2017-3225-1.NASL", "SUSE_SU-2017-3226-1.NASL", "SUSE_SU-2017-3249-1.NASL", "SUSE_SU-2017-3398-1.NASL", "SUSE_SU-2017-3410-1.NASL", "SUSE_SU-2018-0011-1.NASL", "SUSE_SU-2018-0031-1.NASL", "SUSE_SU-2018-0040-1.NASL", "SUSE_SU-2018-0115-1.NASL", "SUSE_SU-2018-1048-1.NASL", "SUSE_SU-2018-1173-1.NASL", "SUSE_SU-2018-1173-2.NASL", "SUSE_SU-2018-2344-1.NASL", "SUSE_SU-2018-2344-2.NASL", "SUSE_SU-2018-2374-1.NASL", "SUSE_SU-2018-2380-1.NASL", "SUSE_SU-2018-3787-1.NASL", "SUSE_SU-2018-3792-1.NASL", "SUSE_SU-2019-0148-1.NASL", "SUSE_SU-2019-0196-1.NASL", "SUSE_SU-2019-0222-1.NASL", "SUSE_SU-2019-0224-1.NASL", "SUSE_SU-2019-0439-1.NASL", "SUSE_SU-2019-0541-1.NASL", "SUSE_SU-2019-0645-1.NASL", "SUSE_SU-2019-0672-1.NASL", "SUSE_SU-2019-1289-1.NASL", "SUSE_SU-2019-13937-1.NASL", "SUSE_SU-2019-13979-1.NASL", "UBUNTU_USN-2281-1.NASL", "UBUNTU_USN-2282-1.NASL", "UBUNTU_USN-2283-1.NASL", "UBUNTU_USN-2285-1.NASL", "UBUNTU_USN-2286-1.NASL", "UBUNTU_USN-2287-1.NASL", "UBUNTU_USN-2288-1.NASL", "UBUNTU_USN-2289-1.NASL", "UBUNTU_USN-2290-1.NASL", "UBUNTU_USN-2374-1.NASL", "UBUNTU_USN-2375-1.NASL", "UBUNTU_USN-2376-1.NASL", "UBUNTU_USN-2378-1.NASL", "UBUNTU_USN-2379-1.NASL", "UBUNTU_USN-2416-1.NASL", "UBUNTU_USN-2417-1.NASL", "UBUNTU_USN-2419-1.NASL", "UBUNTU_USN-2420-1.NASL", "UBUNTU_USN-2421-1.NASL", "UBUNTU_USN-2857-1.NASL", "UBUNTU_USN-2857-2.NASL", "UBUNTU_USN-2858-1.NASL", "UBUNTU_USN-2858-2.NASL", "UBUNTU_USN-2858-3.NASL", "UBUNTU_USN-2886-1.NASL", "UBUNTU_USN-2887-1.NASL", "UBUNTU_USN-2887-2.NASL", "UBUNTU_USN-2888-1.NASL", "UBUNTU_USN-2889-1.NASL", "UBUNTU_USN-2889-2.NASL", "UBUNTU_USN-2890-1.NASL", "UBUNTU_USN-2890-2.NASL", "UBUNTU_USN-2890-3.NASL", "UBUNTU_USN-2965-1.NASL", "UBUNTU_USN-2965-2.NASL", "UBUNTU_USN-2965-3.NASL", "UBUNTU_USN-2965-4.NASL", "UBUNTU_USN-2989-1.NASL", "UBUNTU_USN-2996-1.NASL", "UBUNTU_USN-2998-1.NASL", "UBUNTU_USN-3000-1.NASL", "UBUNTU_USN-3001-1.NASL", "UBUNTU_USN-3002-1.NASL", "UBUNTU_USN-3003-1.NASL", "UBUNTU_USN-3004-1.NASL", "UBUNTU_USN-3097-1.NASL", "UBUNTU_USN-3098-1.NASL", "UBUNTU_USN-3098-2.NASL", "UBUNTU_USN-3099-1.NASL", "UBUNTU_USN-3099-2.NASL", "UBUNTU_USN-3099-3.NASL", "UBUNTU_USN-3099-4.NASL", "UBUNTU_USN-3127-1.NASL", "UBUNTU_USN-3127-2.NASL", "UBUNTU_USN-3265-1.NASL", "UBUNTU_USN-3265-2.NASL", "UBUNTU_USN-3326-1.NASL", "UBUNTU_USN-3327-1.NASL", "UBUNTU_USN-3333-1.NASL", "UBUNTU_USN-3342-1.NASL", "UBUNTU_USN-3342-2.NASL", "UBUNTU_USN-3422-1.NASL", "UBUNTU_USN-3507-1.NASL", "UBUNTU_USN-3507-2.NASL", "UBUNTU_USN-3508-1.NASL", "UBUNTU_USN-3508-2.NASL", "UBUNTU_USN-3509-1.NASL", "UBUNTU_USN-3509-2.NASL", "UBUNTU_USN-3509-3.NASL", "UBUNTU_USN-3509-4.NASL", "UBUNTU_USN-3510-1.NASL", "UBUNTU_USN-3511-1.NASL", "UBUNTU_USN-3583-1.NASL", "UBUNTU_USN-3617-1.NASL", "UBUNTU_USN-3617-2.NASL", "UBUNTU_USN-3617-3.NASL", "UBUNTU_USN-3619-1.NASL", "UBUNTU_USN-3619-2.NASL", "UBUNTU_USN-3632-1.NASL", "UBUNTU_USN-3696-1.NASL", "UBUNTU_USN-3696-2.NASL", "UBUNTU_USN-3740-1.NASL", "UBUNTU_USN-3740-2.NASL", "UBUNTU_USN-3741-1.NASL", "UBUNTU_USN-3741-2.NASL", "UBUNTU_USN-3741-3.NASL", "UBUNTU_USN-3742-1.NASL", "UBUNTU_USN-3879-1.NASL", "UBUNTU_USN-3879-2.NASL", "UBUNTU_USN-3910-1.NASL", "UBUNTU_USN-3910-2.NASL", "UBUNTU_USN-4094-1.NASL", "UBUNTU_USN-4118-1.NASL", "UBUNTU_USN-4163-1.NASL", "VIRTUOZZO_VZA-2016-104.NASL", "VIRTUOZZO_VZA-2017-025.NASL", "VIRTUOZZO_VZA-2017-109.NASL", "VIRTUOZZO_VZA-2017-110.NASL", "VIRTUOZZO_VZA-2017-111.NASL", "VIRTUOZZO_VZA-2018-004.NASL", "VIRTUOZZO_VZA-2018-024.NASL", "VIRTUOZZO_VZA-2018-025.NASL", "VIRTUOZZO_VZA-2018-026.NASL", "VIRTUOZZO_VZA-2018-029.NASL", "VIRTUOZZO_VZA-2018-038.NASL", "VIRTUOZZO_VZA-2018-075.NASL", "VIRTUOZZO_VZLSA-2017-0036.NASL", "VIRTUOZZO_VZLSA-2017-0086.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108793", "OPENVAS:1361412562310120351", "OPENVAS:1361412562310120729", "OPENVAS:1361412562310123058", "OPENVAS:1361412562310123224", "OPENVAS:1361412562310123230", "OPENVAS:1361412562310123234", "OPENVAS:1361412562310123272", "OPENVAS:1361412562310123341", "OPENVAS:1361412562310131174", "OPENVAS:1361412562310131175", "OPENVAS:1361412562310131182", "OPENVAS:1361412562310702992", "OPENVAS:1361412562310703396", "OPENVAS:1361412562310703607", "OPENVAS:1361412562310703616", "OPENVAS:1361412562310703659", "OPENVAS:1361412562310704073", "OPENVAS:1361412562310704082", "OPENVAS:1361412562310704187", "OPENVAS:1361412562310704188", "OPENVAS:1361412562310704272", "OPENVAS:1361412562310807951", "OPENVAS:1361412562310807952", "OPENVAS:1361412562310807977", "OPENVAS:1361412562310809178", "OPENVAS:1361412562310809179", "OPENVAS:1361412562310809206", "OPENVAS:1361412562310809207", "OPENVAS:1361412562310814003", "OPENVAS:1361412562310814011", "OPENVAS:1361412562310814012", "OPENVAS:1361412562310814013", "OPENVAS:1361412562310814014", "OPENVAS:1361412562310814015", "OPENVAS:1361412562310814215", "OPENVAS:1361412562310841892", "OPENVAS:1361412562310841893", "OPENVAS:1361412562310841896", "OPENVAS:1361412562310841897", "OPENVAS:1361412562310841899", "OPENVAS:1361412562310841902", "OPENVAS:1361412562310841903", "OPENVAS:1361412562310841904", "OPENVAS:1361412562310841906", "OPENVAS:1361412562310841907", "OPENVAS:1361412562310841997", "OPENVAS:1361412562310841998", "OPENVAS:1361412562310841999", "OPENVAS:1361412562310842001", "OPENVAS:1361412562310842002", "OPENVAS:1361412562310842003", "OPENVAS:1361412562310842586", "OPENVAS:1361412562310842588", "OPENVAS:1361412562310842589", "OPENVAS:1361412562310842591", "OPENVAS:1361412562310842592", "OPENVAS:1361412562310842621", "OPENVAS:1361412562310842622", "OPENVAS:1361412562310842623", "OPENVAS:1361412562310842624", "OPENVAS:1361412562310842625", "OPENVAS:1361412562310842627", "OPENVAS:1361412562310842628", "OPENVAS:1361412562310842629", "OPENVAS:1361412562310842631", "OPENVAS:1361412562310842632", "OPENVAS:1361412562310842734", "OPENVAS:1361412562310842755", "OPENVAS:1361412562310842759", "OPENVAS:1361412562310842762", "OPENVAS:1361412562310842779", "OPENVAS:1361412562310842787", "OPENVAS:1361412562310842788", "OPENVAS:1361412562310842791", "OPENVAS:1361412562310842792", "OPENVAS:1361412562310842793", "OPENVAS:1361412562310842795", "OPENVAS:1361412562310842796", "OPENVAS:1361412562310842797", "OPENVAS:1361412562310842907", "OPENVAS:1361412562310842908", "OPENVAS:1361412562310842909", "OPENVAS:1361412562310842910", "OPENVAS:1361412562310842911", "OPENVAS:1361412562310842912", "OPENVAS:1361412562310842913", "OPENVAS:1361412562310842916", "OPENVAS:1361412562310842949", "OPENVAS:1361412562310842951", "OPENVAS:1361412562310843139", "OPENVAS:1361412562310843140", "OPENVAS:1361412562310843211", "OPENVAS:1361412562310843218", "OPENVAS:1361412562310843221", "OPENVAS:1361412562310843229", "OPENVAS:1361412562310843233", "OPENVAS:1361412562310843312", "OPENVAS:1361412562310843393", "OPENVAS:1361412562310843394", "OPENVAS:1361412562310843395", "OPENVAS:1361412562310843396", "OPENVAS:1361412562310843397", "OPENVAS:1361412562310843398", "OPENVAS:1361412562310843399", "OPENVAS:1361412562310843400", "OPENVAS:1361412562310843402", "OPENVAS:1361412562310843403", "OPENVAS:1361412562310843461", "OPENVAS:1361412562310843492", "OPENVAS:1361412562310843493", "OPENVAS:1361412562310843496", "OPENVAS:1361412562310843497", "OPENVAS:1361412562310843500", "OPENVAS:1361412562310843509", "OPENVAS:1361412562310843575", "OPENVAS:1361412562310843578", "OPENVAS:1361412562310843612", "OPENVAS:1361412562310843613", "OPENVAS:1361412562310843614", "OPENVAS:1361412562310843616", "OPENVAS:1361412562310843617", "OPENVAS:1361412562310843620", "OPENVAS:1361412562310843893", "OPENVAS:1361412562310843894", "OPENVAS:1361412562310843934", "OPENVAS:1361412562310843935", "OPENVAS:1361412562310844133", "OPENVAS:1361412562310844159", "OPENVAS:1361412562310844209", "OPENVAS:1361412562310850626", "OPENVAS:1361412562310850628", "OPENVAS:1361412562310850746", "OPENVAS:1361412562310850776", "OPENVAS:1361412562310850805", "OPENVAS:1361412562310850817", "OPENVAS:1361412562310850918", "OPENVAS:1361412562310850994", "OPENVAS:1361412562310851138", "OPENVAS:1361412562310851176", "OPENVAS:1361412562310851197", "OPENVAS:1361412562310851349", "OPENVAS:1361412562310851386", "OPENVAS:1361412562310851388", "OPENVAS:1361412562310851390", "OPENVAS:1361412562310851420", "OPENVAS:1361412562310851444", "OPENVAS:1361412562310851544", "OPENVAS:1361412562310851666", "OPENVAS:1361412562310851667", "OPENVAS:1361412562310851731", "OPENVAS:1361412562310851762", "OPENVAS:1361412562310851863", "OPENVAS:1361412562310851952", "OPENVAS:1361412562310852240", "OPENVAS:1361412562310852274", "OPENVAS:1361412562310852327", "OPENVAS:1361412562310867939", "OPENVAS:1361412562310868019", "OPENVAS:1361412562310868055", "OPENVAS:1361412562310868076", "OPENVAS:1361412562310868101", "OPENVAS:1361412562310868102", "OPENVAS:1361412562310868149", "OPENVAS:1361412562310868196", "OPENVAS:1361412562310868351", "OPENVAS:1361412562310868403", "OPENVAS:1361412562310868416", "OPENVAS:1361412562310868434", "OPENVAS:1361412562310868437", "OPENVAS:1361412562310868489", "OPENVAS:1361412562310868501", "OPENVAS:1361412562310868583", "OPENVAS:1361412562310868627", "OPENVAS:1361412562310868851", "OPENVAS:1361412562310868920", "OPENVAS:1361412562310868984", "OPENVAS:1361412562310869091", "OPENVAS:1361412562310869213", "OPENVAS:1361412562310869281", "OPENVAS:1361412562310869392", "OPENVAS:1361412562310871222", "OPENVAS:1361412562310871268", "OPENVAS:1361412562310871413", "OPENVAS:1361412562310871644", "OPENVAS:1361412562310871742", "OPENVAS:1361412562310871747", "OPENVAS:1361412562310873857", "OPENVAS:1361412562310873860", "OPENVAS:1361412562310873926", "OPENVAS:1361412562310873930", "OPENVAS:1361412562310874290", "OPENVAS:1361412562310874293", "OPENVAS:1361412562310874365", "OPENVAS:1361412562310874366", "OPENVAS:1361412562310874400", "OPENVAS:1361412562310874427", "OPENVAS:1361412562310874606", "OPENVAS:1361412562310874619", "OPENVAS:1361412562310874623", "OPENVAS:1361412562310874647", "OPENVAS:1361412562310874695", "OPENVAS:1361412562310874721", "OPENVAS:1361412562310874751", "OPENVAS:1361412562310874761", "OPENVAS:1361412562310874813", "OPENVAS:1361412562310874890", "OPENVAS:1361412562310874919", "OPENVAS:1361412562310874964", "OPENVAS:1361412562310874998", "OPENVAS:1361412562310875092", "OPENVAS:1361412562310875099", "OPENVAS:1361412562310875128", "OPENVAS:1361412562310875131", "OPENVAS:1361412562310875162", "OPENVAS:1361412562310875170", "OPENVAS:1361412562310875189", "OPENVAS:1361412562310875201", "OPENVAS:1361412562310875303", "OPENVAS:1361412562310875330", "OPENVAS:1361412562310875334", "OPENVAS:1361412562310875349", "OPENVAS:1361412562310875368", "OPENVAS:1361412562310875369", "OPENVAS:1361412562310875371", "OPENVAS:1361412562310875407", "OPENVAS:1361412562310875414", "OPENVAS:1361412562310875423", "OPENVAS:1361412562310875438", "OPENVAS:1361412562310875443", "OPENVAS:1361412562310875459", "OPENVAS:1361412562310875476", "OPENVAS:1361412562310875506", "OPENVAS:1361412562310875559", "OPENVAS:1361412562310875566", "OPENVAS:1361412562310875577", "OPENVAS:1361412562310876322", "OPENVAS:1361412562310876377", "OPENVAS:1361412562310882004", "OPENVAS:1361412562310882536", "OPENVAS:1361412562310882629", "OPENVAS:1361412562310882638", "OPENVAS:1361412562310882957", "OPENVAS:1361412562310891369", "OPENVAS:1361412562310891466", "OPENVAS:1361412562310891715", "OPENVAS:1361412562310891731", "OPENVAS:1361412562310891771", "OPENVAS:1361412562311220161020", "OPENVAS:1361412562311220181026", "OPENVAS:1361412562311220181031", "OPENVAS:1361412562311220181278", "OPENVAS:1361412562311220181279", "OPENVAS:1361412562311220181352", "OPENVAS:1361412562311220191076", "OPENVAS:1361412562311220191108", "OPENVAS:1361412562311220191131", "OPENVAS:1361412562311220191156", "OPENVAS:1361412562311220191168", "OPENVAS:1361412562311220191229", "OPENVAS:1361412562311220191480", "OPENVAS:1361412562311220191483", "OPENVAS:1361412562311220191485", "OPENVAS:1361412562311220191487", "OPENVAS:1361412562311220191488", "OPENVAS:1361412562311220191489", "OPENVAS:1361412562311220191491", "OPENVAS:1361412562311220191492", "OPENVAS:1361412562311220191494", "OPENVAS:1361412562311220191501", "OPENVAS:1361412562311220191505", "OPENVAS:1361412562311220191512", "OPENVAS:1361412562311220192353", "OPENVAS:1361412562311220192599", "OPENVAS:1361412562311220201674", "OPENVAS:702992", "OPENVAS:703396", "OPENVAS:703607", "OPENVAS:703616", "OPENVAS:703659"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2018", "ORACLE:CPUOCT2018-4428296"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-1023", "ELSA-2014-1281", "ELSA-2014-1392", "ELSA-2014-1971", "ELSA-2014-3096", "ELSA-2014-3105", "ELSA-2015-1272", "ELSA-2016-1539", "ELSA-2016-3593", "ELSA-2017-0036", "ELSA-2017-0086", "ELSA-2017-0817", "ELSA-2017-3508", "ELSA-2017-3509", "ELSA-2017-3510", "ELSA-2017-3636", "ELSA-2017-3637", "ELSA-2017-3651", "ELSA-2017-3657", "ELSA-2017-3658", "ELSA-2017-3659", "ELSA-2018-2846", "ELSA-2018-3083", "ELSA-2018-4021", "ELSA-2018-4195", "ELSA-2018-4196", "ELSA-2019-3517", "ELSA-2019-4316", "ELSA-2019-4317", "ELSA-2019-4729", "ELSA-2019-4850", "ELSA-2019-4854", "ELSA-2019-4855", "ELSA-2020-1016"]}, {"type": "osv", "idList": ["OSV:DLA-1369-1", "OSV:DLA-1466-1", "OSV:DLA-1529-1", "OSV:DLA-1715-1", "OSV:DLA-1731-1", "OSV:DLA-1771-1", "OSV:DLA-246-1", "OSV:DLA-246-2", "OSV:DLA-360-1", "OSV:DLA-516-1", "OSV:DLA-609-1", "OSV:DSA-2992-1", "OSV:DSA-3396-1", "OSV:DSA-3607-1", "OSV:DSA-3616-1", "OSV:DSA-3659-1", "OSV:DSA-4073-1", "OSV:DSA-4082-1", "OSV:DSA-4187-1", "OSV:DSA-4188-1", "OSV:DSA-4272-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:135151", "PACKETSTORM:139474", "PACKETSTORM:139642"]}, {"type": "paloalto", "idList": ["PAN-SA-2018-0012"]}, {"type": "photon", "idList": ["PHSA-2017-0008", "PHSA-2017-0093", "PHSA-2017-1.0-0093", "PHSA-2018-0009", "PHSA-2018-0031", "PHSA-2018-0049", "PHSA-2018-0072", "PHSA-2018-0150", "PHSA-2018-0161", "PHSA-2018-1.0-0096", "PHSA-2018-1.0-0161", "PHSA-2018-2.0-0072", "PHSA-2018-2.0-0109", "PHSA-2019-0128", "PHSA-2019-0206", "PHSA-2019-0212", "PHSA-2019-1.0-0206", "PHSA-2019-1.0-0212"]}, {"type": "redhat", "idList": ["RHSA-2014:1023", "RHSA-2014:1318", "RHSA-2014:1392", "RHSA-2014:1971", "RHSA-2015:0062", "RHSA-2015:1272", "RHSA-2015:2152", "RHSA-2016:1532", "RHSA-2016:1539", "RHSA-2016:1541", "RHSA-2017:0036", "RHSA-2017:0086", "RHSA-2017:0091", "RHSA-2017:0113", "RHSA-2018:0180", "RHSA-2018:2785", "RHSA-2018:2791", "RHSA-2018:2846", "RHSA-2018:2924", "RHSA-2018:2925", "RHSA-2018:2933", "RHSA-2018:2948", "RHSA-2018:3083", "RHSA-2018:3096", "RHSA-2018:3459", "RHSA-2018:3540", "RHSA-2018:3586", "RHSA-2018:3590", "RHSA-2019:3309", "RHSA-2019:3517", "RHSA-2020:1016", "RHSA-2020:1070", "RHSA-2020:2522", "RHSA-2020:2770", "RHSA-2020:2777", "RHSA-2020:2851"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-10044", "RH:CVE-2016-6828", "RH:CVE-2017-1000405", "RH:CVE-2017-15128", "RH:CVE-2017-17450", "RH:CVE-2017-18232", "RH:CVE-2017-18257", "RH:CVE-2017-7374", "RH:CVE-2018-20169", "RH:CVE-2018-5391", "RH:CVE-2018-7740"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30915", "SECURITYVULNS:DOC:30929", "SECURITYVULNS:DOC:31142", "SECURITYVULNS:DOC:31315", "SECURITYVULNS:VULN:13844", "SECURITYVULNS:VULN:13997"]}, {"type": "seebug", "idList": ["SSV:90488"]}, {"type": "slackware", "idList": ["SSA-2019-030-01", "SSA-2019-169-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2014:1669-1", "OPENSUSE-SU-2014:1677-1", "OPENSUSE-SU-2015:0566-1", "OPENSUSE-SU-2016:0301-1", "OPENSUSE-SU-2016:0318-1", "OPENSUSE-SU-2016:1641-1", "OPENSUSE-SU-2016:2144-1", "OPENSUSE-SU-2016:2184-1", "OPENSUSE-SU-2016:2290-1", "OPENSUSE-SU-2016:2625-1", "OPENSUSE-SU-2016:2649-1", "OPENSUSE-SU-2016:3021-1", "OPENSUSE-SU-2017:1140-1", "OPENSUSE-SU-2017:3358-1", "OPENSUSE-SU-2017:3359-1", "OPENSUSE-SU-2018:0972-1", "OPENSUSE-SU-2018:1418-1", "OPENSUSE-SU-2018:2404-1", "OPENSUSE-SU-2018:2407-1", "OPENSUSE-SU-2019:0065-1", "OPENSUSE-SU-2019:0140-1", "OPENSUSE-SU-2019:0274-1", "SUSE-SU-2014:1693-1", "SUSE-SU-2014:1693-2", "SUSE-SU-2014:1695-1", "SUSE-SU-2014:1695-2", "SUSE-SU-2015:0481-1", "SUSE-SU-2015:0581-1", "SUSE-SU-2015:0652-1", "SUSE-SU-2015:0736-1", "SUSE-SU-2015:0812-1", "SUSE-SU-2015:2108-1", "SUSE-SU-2015:2194-1", "SUSE-SU-2015:2292-1", "SUSE-SU-2015:2339-1", "SUSE-SU-2015:2350-1", "SUSE-SU-2016:0335-1", "SUSE-SU-2016:0337-1", "SUSE-SU-2016:0354-1", "SUSE-SU-2016:0380-1", "SUSE-SU-2016:0381-1", "SUSE-SU-2016:0383-1", "SUSE-SU-2016:0384-1", "SUSE-SU-2016:0386-1", "SUSE-SU-2016:0387-1", "SUSE-SU-2016:0434-1", "SUSE-SU-2016:0585-1", "SUSE-SU-2016:0751-1", "SUSE-SU-2016:0752-1", "SUSE-SU-2016:0755-1", "SUSE-SU-2016:1203-1", "SUSE-SU-2016:1937-1", "SUSE-SU-2016:2074-1", "SUSE-SU-2016:2105-1", "SUSE-SU-2016:2245-1", "SUSE-SU-2016:2912-1", "SUSE-SU-2016:2976-1", "SUSE-SU-2016:3069-1", "SUSE-SU-2016:3304-1", "SUSE-SU-2017:0333-1", "SUSE-SU-2017:0471-1", "SUSE-SU-2017:0494-1", "SUSE-SU-2017:1183-1", "SUSE-SU-2017:1247-1", "SUSE-SU-2017:1301-1", "SUSE-SU-2017:1360-1", "SUSE-SU-2017:1613-1", "SUSE-SU-2017:1990-1", "SUSE-SU-2017:2342-1", "SUSE-SU-2017:3210-1", "SUSE-SU-2017:3225-1", "SUSE-SU-2017:3226-1", "SUSE-SU-2017:3249-1", "SUSE-SU-2017:3284-1", "SUSE-SU-2017:3285-1", "SUSE-SU-2017:3286-1", "SUSE-SU-2017:3295-1", "SUSE-SU-2017:3296-1", "SUSE-SU-2017:3297-1", "SUSE-SU-2017:3300-1", "SUSE-SU-2017:3310-1", "SUSE-SU-2017:3314-1", "SUSE-SU-2017:3317-1", "SUSE-SU-2017:3319-1", "SUSE-SU-2017:3324-1", "SUSE-SU-2017:3398-1", "SUSE-SU-2017:3410-1", "SUSE-SU-2018:0011-1", "SUSE-SU-2018:0031-1", "SUSE-SU-2018:0040-1", "SUSE-SU-2018:0115-1", "SUSE-SU-2018:0180-1", "SUSE-SU-2018:0213-1", "SUSE-SU-2018:1048-1", "SUSE-SU-2018:1173-1", "SUSE-SU-2018:1217-1"]}, {"type": "symantec", "idList": ["SMNTC-105108", "SMNTC-1467"]}, {"type": "thn", "idList": ["THN:9B30E750177FCE2138C2D9F3C42B178A"]}, {"type": "threatpost", "idList": ["THREATPOST:54E7457360B9B4CFC6843F7B3E0C5367", "THREATPOST:A28CC7C8B76DAF5EBFF24CE8575A2087"]}, {"type": "ubuntu", "idList": ["USN-2286-1", "USN-2289-1", "USN-2374-1", "USN-2375-1", "USN-2376-1", "USN-2377-1", "USN-2378-1", "USN-2379-1", "USN-2415-1", "USN-2416-1", "USN-2417-1", "USN-2418-1", "USN-2419-1", "USN-2420-1", "USN-2421-1", "USN-2857-1", "USN-2857-2", "USN-2858-1", "USN-2858-2", "USN-2858-3", "USN-2886-1", "USN-2886-2", "USN-2887-1", "USN-2887-2", "USN-2888-1", "USN-2889-1", "USN-2889-2", "USN-2890-1", "USN-2890-2", "USN-2890-3", "USN-2965-1", "USN-2965-2", "USN-2965-3", "USN-2965-4", "USN-2989-1", "USN-2996-1", "USN-2997-1", "USN-2998-1", "USN-3000-1", "USN-3001-1", "USN-3002-1", "USN-3003-1", "USN-3004-1", "USN-3097-1", "USN-3097-2", "USN-3098-1", "USN-3098-2", "USN-3099-1", "USN-3099-2", "USN-3099-3", "USN-3099-4", "USN-3127-1", "USN-3127-2", "USN-3265-1", "USN-3265-2", "USN-3342-1", "USN-3342-2", "USN-3422-1", "USN-3422-2", "USN-3507-1", "USN-3507-2", "USN-3508-1", "USN-3508-2", "USN-3509-1", "USN-3509-2", "USN-3509-3", "USN-3509-4", "USN-3510-1", "USN-3510-2", "USN-3511-1", "USN-3583-1", "USN-3583-2", "USN-3617-1", "USN-3617-2", "USN-3617-3", "USN-3619-1", "USN-3619-2", "USN-3632-1", "USN-3696-1", "USN-3696-2", "USN-3740-1", "USN-3740-2", "USN-3741-1", "USN-3741-2", "USN-3741-3", "USN-3742-1", "USN-3742-2", "USN-3742-3", "USN-3879-1", "USN-3879-2", "USN-3910-1", "USN-3910-2", "USN-4094-1", "USN-4118-1", "USN-4163-1", "USN-4163-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2012-6703", "UB:CVE-2014-3184", "UB:CVE-2014-3534", "UB:CVE-2014-4608", "UB:CVE-2014-8481", "UB:CVE-2014-9904", "UB:CVE-2015-3288", "UB:CVE-2015-6937", "UB:CVE-2015-7990", "UB:CVE-2015-8660", "UB:CVE-2016-10044", "UB:CVE-2016-3955", "UB:CVE-2016-6828", "UB:CVE-2017-1000405", "UB:CVE-2017-15128", "UB:CVE-2017-17450", "UB:CVE-2017-18232", "UB:CVE-2017-18257", "UB:CVE-2017-7374", "UB:CVE-2018-14641", "UB:CVE-2018-20169", "UB:CVE-2018-5391", "UB:CVE-2018-7740"]}, {"type": "veracode", "idList": ["VERACODE:21818"]}, {"type": "virtuozzo", "idList": ["VZA-2016-104", "VZA-2017-024", "VZA-2017-025", "VZA-2017-109", "VZA-2017-110", "VZA-2017-111", "VZA-2018-004", "VZA-2018-024", "VZA-2018-025", "VZA-2018-026", "VZA-2018-028", "VZA-2018-029", "VZA-2018-038", "VZA-2018-074", "VZA-2018-075"]}, {"type": "zdt", "idList": ["1337DAY-ID-25511", "1337DAY-ID-25513", "1337DAY-ID-26201", "1337DAY-ID-26220", "1337DAY-ID-26265"]}]}, "score": {"value": 0.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "akamaiblog", "idList": ["AKAMAIBLOG:CA172BF5AAF741436B9DD55773785FB3"]}, {"type": "amazon", "idList": ["ALAS-2018-1058", "ALAS-2018-944", "ALAS-2018-993"]}, {"type": "android", "idList": ["ANDROID:CVE-2015-3288"]}, {"type": "androidsecurity", "idList": ["ANDROID:2016-08-01", "ANDROID:2017-02-01", "ANDROID:2017-10-01"]}, {"type": "archlinux", "idList": ["ASA-201801-4"]}, {"type": "canvas", "idList": ["OVERLAYFS"]}, {"type": "centos", "idList": ["CESA-2018:2846"]}, {"type": "cert", "idList": ["VU:641765"]}, {"type": "checkpoint_security", "idList": ["CPS:SK134054", "CPS:SK134253"]}, {"type": "cisco", "idList": ["CISCO-SA-20180824-LINUX-IP-FRAGMENT"]}, {"type": "citrix", "idList": ["CTX237244"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:0BD4290D520A235B05B93F0ACF4B7C2B", "CFOUNDRY:3021E4215989A1024954356EA766D914", "CFOUNDRY:B6F9117DDC7188793F0CD8F25AB1B9C7", "CFOUNDRY:DFAB11FD33D131C30AACDE9F4864FC0F"]}, {"type": "cve", "idList": ["CVE-2014-3184", "CVE-2014-3534", "CVE-2014-4608", "CVE-2014-8480", "CVE-2014-8481", "CVE-2014-9904", "CVE-2015-7990", "CVE-2015-8660", "CVE-2016-3955", "CVE-2017-1000405", "CVE-2017-15128", "CVE-2017-17450"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1369-1:33F82", "DEBIAN:DLA-1466-1:48FF6", "DEBIAN:DLA-246-2:ABC0D", "DEBIAN:DSA-3616-1:8F5D7", "DEBIAN:DSA-3659-1:3F508", "DEBIAN:DSA-4073-1:79398", "DEBIAN:DSA-4082-1:57979", "DEBIAN:DSA-4187-1:481CA", "DEBIAN:DSA-4188-1:E4177", "DEBIAN:DSA-4272-1:8EBA1"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-3184", "DEBIANCVE:CVE-2014-3534", "DEBIANCVE:CVE-2014-4608", "DEBIANCVE:CVE-2014-8481", "DEBIANCVE:CVE-2014-9904", "DEBIANCVE:CVE-2015-3288", "DEBIANCVE:CVE-2015-7990", "DEBIANCVE:CVE-2015-8660", "DEBIANCVE:CVE-2016-10044", "DEBIANCVE:CVE-2016-3955", "DEBIANCVE:CVE-2016-6828", "DEBIANCVE:CVE-2017-1000405", "DEBIANCVE:CVE-2017-15128", "DEBIANCVE:CVE-2017-17450", "DEBIANCVE:CVE-2017-18232", "DEBIANCVE:CVE-2017-18257", "DEBIANCVE:CVE-2017-7374", "DEBIANCVE:CVE-2018-20169", "DEBIANCVE:CVE-2018-5391", "DEBIANCVE:CVE-2018-7740"]}, {"type": "exploitdb", "idList": ["EDB-ID:43199"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:D8B1BFCB08D0FAA92CCBDBD01EF88A3F"]}, {"type": "f5", "idList": ["F5:K74374841", "SOL07560020", "SOL30905674"]}, {"type": "fedora", "idList": ["FEDORA:08D3760E6566", "FEDORA:10F7D6255145", "FEDORA:122AE604D3F9", "FEDORA:1EFAB60ACFB0", "FEDORA:20D7E60157CD", "FEDORA:22E2B607603F", "FEDORA:250CB6087A80", "FEDORA:25BDD6190ECF", "FEDORA:29049600CFF3", "FEDORA:29FCE65ECD33", "FEDORA:3266960F0E44", "FEDORA:3CCDE601B23D", "FEDORA:41B546014626", "FEDORA:42DA3601FD86", "FEDORA:44065605602A", "FEDORA:4832F6079717", "FEDORA:4D5AD601FDAC", "FEDORA:50E6E6087656", "FEDORA:5D742610B071", "FEDORA:5F9DC60BDC80", "FEDORA:648496077DD1", "FEDORA:6B66A6047312", "FEDORA:6EC6360BEA04", "FEDORA:6F1BC604D0C1", "FEDORA:74245604D4DA", "FEDORA:7640C641CB61", "FEDORA:7960A6049C56", "FEDORA:7F8C960BC98D", "FEDORA:87BD56087904", "FEDORA:8F974604E846", "FEDORA:909D360491BF", "FEDORA:95A686085F81", "FEDORA:975D760A94D0", "FEDORA:9BC696049C57", "FEDORA:9E3D9606D195", "FEDORA:AB52460321C9", "FEDORA:B395E6087A9D", "FEDORA:B54D264CBCAC", "FEDORA:BBFE360460D0", "FEDORA:BD35260BC96F", "FEDORA:C49D061F375F", "FEDORA:C64AE6007F37", "FEDORA:D6CAE607A456", "FEDORA:D6F86601E6D9", "FEDORA:DF5176048167", "FEDORA:E1D7E6031252", "FEDORA:E6F08605DCE7", "FEDORA:E93AE6077DCD", "FEDORA:EBB026048D2E"]}, {"type": "freebsd", "idList": ["D1F5E12A-FD5A-11E3-A108-080027EF73EC"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20200115-01-LINUX"]}, {"type": "ibm", "idList": ["AED01AE411153EF61F18A5379A53E9FF22A1966A07D8367620044DFB22FE9466", "DD411EA1F77F18E57C4DC818864CB0D5837DAEB7CFD8747629F8FCD7F969497C"]}, {"type": "kitploit", "idList": ["KITPLOIT:5167596251841349275"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/LINUXRPM-ELSA-2014-3105/", "MSF:ILITIES/SUSE-CVE-2015-3288/"]}, {"type": "mscve", "idList": ["MS:ADV180022"]}, {"type": "nessus", "idList": ["AL2_ALAS-2018-1058.NASL", "ALA_ALAS-2018-1058.NASL", "CENTOS_RHSA-2018-2846.NASL", "DEBIAN_DLA-1466.NASL", "DEBIAN_DSA-3616.NASL", "DEBIAN_DSA-4082.NASL", "DEBIAN_DSA-4272.NASL", "F5_BIGIP_SOL98102572.NASL", "FEDORA_2015-115C302856.NASL", "FEDORA_2017-9EA11E444D.NASL", "FEDORA_2017-BA6B6E71F7.NASL", "NEWSTART_CGSL_NS-SA-2019-0143_KERNEL.NASL", "OPENSUSE-2017-1390.NASL", "OPENSUSE-2017-1391.NASL", "OPENSUSE-2018-885.NASL", "OPENSUSE-2018-886.NASL", "OPENSUSE-2019-140.NASL", "OPENSUSE-2019-274.NASL", "OPENSUSE-2019-618.NASL", "OPENSUSE-2019-65.NASL", "ORACLELINUX_ELSA-2017-3636.NASL", "ORACLELINUX_ELSA-2017-3637.NASL", "ORACLELINUX_ELSA-2017-3651.NASL", "ORACLELINUX_ELSA-2018-2846.NASL", "ORACLELINUX_ELSA-2018-4195.NASL", "ORACLELINUX_ELSA-2019-4729.NASL", "ORACLEVM_OVMSA-2017-0168.NASL", "ORACLEVM_OVMSA-2017-0172.NASL", "ORACLEVM_OVMSA-2019-0002.NASL", "ORACLEVM_OVMSA-2019-0038.NASL", "PALO_ALTO_PAN-SA-2018-0012.NASL", "PHOTONOS_PHSA-2017-1_0-0093.NASL", "PHOTONOS_PHSA-2017-1_0-0093_LINUX.NASL", "PHOTONOS_PHSA-2017-2_0-0008.NASL", "PHOTONOS_PHSA-2017-2_0-0008_LINUX.NASL", "PHOTONOS_PHSA-2018-1_0-0096.NASL", "PHOTONOS_PHSA-2018-1_0-0096_LINUX.NASL", "PHOTONOS_PHSA-2018-1_0-0161.NASL", "PHOTONOS_PHSA-2018-1_0-0161_LINUX.NASL", "PHOTONOS_PHSA-2018-2_0-0009_LINUX.NASL", "PHOTONOS_PHSA-2018-2_0-0072.NASL", "PHOTONOS_PHSA-2018-2_0-0072_LINUX.NASL", "PHOTONOS_PHSA-2018-2_0-0109_LINUX.NASL", "REDHAT-RHSA-2018-2785.NASL", "REDHAT-RHSA-2018-2791.NASL", "REDHAT-RHSA-2018-2846.NASL", "REDHAT-RHSA-2018-2924.NASL", "REDHAT-RHSA-2018-2933.NASL", "SLACKWARE_SSA_2019-030-01.NASL", "SL_20181009_KERNEL_ON_SL6_X.NASL", "SUSE_SU-2017-1613-1.NASL", "SUSE_SU-2017-3225-1.NASL", "SUSE_SU-2017-3226-1.NASL", "SUSE_SU-2018-0031-1.NASL", "SUSE_SU-2018-0040-1.NASL", "SUSE_SU-2018-2344-1.NASL", "SUSE_SU-2018-2374-1.NASL", "SUSE_SU-2019-0148-1.NASL", "SUSE_SU-2019-0196-1.NASL", "SUSE_SU-2019-0222-1.NASL", "SUSE_SU-2019-0224-1.NASL", "SUSE_SU-2019-0439-1.NASL", "SUSE_SU-2019-0541-1.NASL", "SUSE_SU-2019-0645-1.NASL", "SUSE_SU-2019-0672-1.NASL", "SUSE_SU-2019-1289-1.NASL", "SUSE_SU-2019-13937-1.NASL", "SUSE_SU-2019-13979-1.NASL", "UBUNTU_USN-2889-1.NASL", "UBUNTU_USN-2890-1.NASL", "UBUNTU_USN-3326-1.NASL", "UBUNTU_USN-3327-1.NASL", "UBUNTU_USN-3333-1.NASL", "UBUNTU_USN-3342-1.NASL", "UBUNTU_USN-3342-2.NASL", "UBUNTU_USN-3507-1.NASL", "UBUNTU_USN-3507-2.NASL", "UBUNTU_USN-3508-1.NASL", "UBUNTU_USN-3508-2.NASL", "UBUNTU_USN-3509-1.NASL", "UBUNTU_USN-3509-2.NASL", "UBUNTU_USN-3509-3.NASL", "UBUNTU_USN-3509-4.NASL", "UBUNTU_USN-3510-1.NASL", "UBUNTU_USN-3511-1.NASL", "UBUNTU_USN-3740-1.NASL", "UBUNTU_USN-3740-2.NASL", "UBUNTU_USN-3741-1.NASL", "UBUNTU_USN-3741-2.NASL", "UBUNTU_USN-3741-3.NASL", "UBUNTU_USN-3742-1.NASL", "UBUNTU_USN-3879-1.NASL", "UBUNTU_USN-3879-2.NASL", "UBUNTU_USN-3910-1.NASL", "UBUNTU_USN-3910-2.NASL", "UBUNTU_USN-4094-1.NASL", "UBUNTU_USN-4118-1.NASL", "UBUNTU_USN-4163-1.NASL", "VIRTUOZZO_VZA-2017-109.NASL", "VIRTUOZZO_VZA-2017-110.NASL", "VIRTUOZZO_VZA-2017-111.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310123058", "OPENVAS:1361412562310704272", "OPENVAS:1361412562310814003", "OPENVAS:1361412562310814011", "OPENVAS:1361412562310814012", "OPENVAS:1361412562310814013", "OPENVAS:1361412562310814014", "OPENVAS:1361412562310814015", "OPENVAS:1361412562310814215", "OPENVAS:1361412562310841892", "OPENVAS:1361412562310841899", "OPENVAS:1361412562310842791", "OPENVAS:1361412562310843139", "OPENVAS:1361412562310843140", "OPENVAS:1361412562310843211", "OPENVAS:1361412562310843218", "OPENVAS:1361412562310843221", "OPENVAS:1361412562310843393", "OPENVAS:1361412562310843394", "OPENVAS:1361412562310843395", "OPENVAS:1361412562310843396", "OPENVAS:1361412562310843397", "OPENVAS:1361412562310843398", "OPENVAS:1361412562310843399", "OPENVAS:1361412562310843400", "OPENVAS:1361412562310843612", "OPENVAS:1361412562310843613", "OPENVAS:1361412562310843614", "OPENVAS:1361412562310843616", "OPENVAS:1361412562310843617", "OPENVAS:1361412562310843620", "OPENVAS:1361412562310843893", "OPENVAS:1361412562310843894", "OPENVAS:1361412562310850626", "OPENVAS:1361412562310850994", "OPENVAS:1361412562310851666", "OPENVAS:1361412562310851667", "OPENVAS:1361412562310851863", "OPENVAS:1361412562310852240", "OPENVAS:1361412562310852274", "OPENVAS:1361412562310873857", "OPENVAS:1361412562310873860", "OPENVAS:1361412562310873926", "OPENVAS:1361412562310874890", "OPENVAS:1361412562310874919", "OPENVAS:1361412562310874964", "OPENVAS:1361412562310874998", "OPENVAS:1361412562310875092", "OPENVAS:1361412562310875099", "OPENVAS:1361412562310875407", "OPENVAS:1361412562310875414", "OPENVAS:1361412562310875423", "OPENVAS:1361412562310875438", "OPENVAS:1361412562310875443", "OPENVAS:1361412562311220181026", "OPENVAS:1361412562311220191076", "OPENVAS:1361412562311220191156", "OPENVAS:1361412562311220191483", "OPENVAS:1361412562311220191512"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-1272", "ELSA-2017-3636", "ELSA-2017-3637", "ELSA-2017-3651", "ELSA-2017-3659", "ELSA-2018-2846", "ELSA-2018-4195", "ELSA-2018-4196"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:139642"]}, {"type": "paloalto", "idList": ["PAN-SA-2018-0012"]}, {"type": "photon", "idList": ["PHSA-2017-0008", "PHSA-2017-1.0-0093", "PHSA-2018-0009", "PHSA-2018-1.0-0096", "PHSA-2018-1.0-0161", "PHSA-2018-2.0-0072", "PHSA-2018-2.0-0109", "PHSA-2019-1.0-0206", "PHSA-2019-1.0-0212"]}, {"type": "redhat", "idList": ["RHSA-2018:2846"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-10044", "RH:CVE-2017-18257", "RH:CVE-2017-7374"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31142", "SECURITYVULNS:VULN:13997"]}, {"type": "seebug", "idList": ["SSV:90488"]}, {"type": "slackware", "idList": ["SSA-2019-030-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2017:3358-1", "OPENSUSE-SU-2017:3359-1", "OPENSUSE-SU-2018:2404-1", "OPENSUSE-SU-2018:2407-1", "OPENSUSE-SU-2019:0065-1", "OPENSUSE-SU-2019:0140-1", "SUSE-SU-2015:0481-1", "SUSE-SU-2017:1613-1", "SUSE-SU-2017:3225-1", "SUSE-SU-2017:3226-1", "SUSE-SU-2017:3284-1", "SUSE-SU-2017:3285-1", "SUSE-SU-2017:3286-1", "SUSE-SU-2017:3295-1", "SUSE-SU-2017:3296-1", "SUSE-SU-2017:3297-1", "SUSE-SU-2017:3300-1", "SUSE-SU-2017:3310-1", "SUSE-SU-2017:3314-1", "SUSE-SU-2017:3317-1", "SUSE-SU-2017:3319-1", "SUSE-SU-2017:3324-1", "SUSE-SU-2017:3398-1", "SUSE-SU-2017:3410-1", "SUSE-SU-2018:0040-1"]}, {"type": "symantec", "idList": ["SMNTC-1467"]}, {"type": "thn", "idList": ["THN:9B30E750177FCE2138C2D9F3C42B178A"]}, {"type": "threatpost", "idList": ["THREATPOST:54E7457360B9B4CFC6843F7B3E0C5367"]}, {"type": "ubuntu", "idList": ["USN-2890-3", "USN-3265-2", "USN-3342-1", "USN-3507-2", "USN-3509-1", "USN-3509-3", "USN-3511-1", "USN-3740-1", "USN-3740-2", "USN-3741-1", "USN-3741-2", "USN-3741-3", "USN-3742-1", "USN-3742-2", "USN-3742-3", "USN-3879-1", "USN-3879-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-18232", "UB:CVE-2017-18257", "UB:CVE-2018-20169", "UB:CVE-2018-5391", "UB:CVE-2018-7740"]}, {"type": "virtuozzo", "idList": ["VZA-2018-024", "VZA-2018-025", "VZA-2018-026", "VZA-2018-028", "VZA-2018-029", "VZA-2018-038", "VZA-2018-074", "VZA-2018-075"]}, {"type": "zdt", "idList": ["1337DAY-ID-25513"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2014-3184", "epss": "0.000640000", "percentile": "0.261550000", "modified": "2023-03-14"}, {"cve": "CVE-2014-3534", "epss": "0.000420000", "percentile": "0.056350000", "modified": "2023-03-14"}, {"cve": "CVE-2014-4608", "epss": "0.017200000", "percentile": "0.859040000", "modified": "2023-03-14"}, {"cve": "CVE-2014-8481", "epss": "0.001240000", "percentile": "0.451120000", "modified": "2023-03-14"}, {"cve": "CVE-2014-9904", "epss": "0.000460000", "percentile": "0.127880000", "modified": "2023-03-14"}, {"cve": "CVE-2015-3288", "epss": "0.000420000", "percentile": "0.056350000", "modified": "2023-03-14"}, {"cve": "CVE-2015-7990", "epss": "0.000440000", "percentile": "0.082350000", "modified": "2023-03-14"}, {"cve": "CVE-2015-8660", "epss": "0.000560000", "percentile": "0.211590000", "modified": "2023-03-14"}, {"cve": "CVE-2016-10044", "epss": "0.000420000", "percentile": "0.056350000", "modified": "2023-03-14"}, {"cve": "CVE-2016-3955", "epss": "0.019220000", "percentile": "0.867630000", "modified": "2023-03-14"}, {"cve": "CVE-2016-6828", "epss": "0.000450000", "percentile": "0.124500000", "modified": "2023-03-14"}, {"cve": "CVE-2017-1000405", "epss": "0.001790000", "percentile": "0.533380000", "modified": "2023-03-14"}, {"cve": "CVE-2017-15128", "epss": "0.000620000", "percentile": "0.245750000", "modified": "2023-03-14"}, {"cve": "CVE-2017-17450", "epss": "0.000440000", "percentile": "0.082350000", "modified": "2023-03-14"}, {"cve": "CVE-2017-18232", "epss": "0.000420000", "percentile": "0.056350000", "modified": "2023-03-14"}, {"cve": "CVE-2017-18257", "epss": "0.000420000", "percentile": "0.056350000", "modified": "2023-03-14"}, {"cve": "CVE-2017-7374", "epss": "0.000420000", "percentile": "0.056350000", "modified": "2023-03-14"}, {"cve": "CVE-2018-20169", "epss": "0.002040000", "percentile": "0.566210000", "modified": "2023-03-14"}, {"cve": "CVE-2018-5391", "epss": "0.009790000", "percentile": "0.811180000", "modified": "2023-03-14"}, {"cve": "CVE-2018-7740", "epss": "0.000420000", "percentile": "0.056350000", "modified": "2023-03-14"}], "vulnersScore": 0.5}, "_state": {"dependencies": 1660032824, "score": 1683999172, "epss": 1678882283}, "_internal": {"score_hash": "93b95dbe9c8f4d14e84ebd6998498019"}, "pluginID": "124828", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124828);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/09\");\n\n script_cve_id(\n \"CVE-2014-3184\",\n \"CVE-2014-3534\",\n \"CVE-2014-4608\",\n \"CVE-2014-8481\",\n \"CVE-2014-9904\",\n \"CVE-2015-3288\",\n \"CVE-2015-7990\",\n \"CVE-2015-8660\",\n \"CVE-2016-10044\",\n \"CVE-2016-3955\",\n \"CVE-2016-6828\",\n \"CVE-2017-1000405\",\n \"CVE-2017-15128\",\n \"CVE-2017-17450\",\n \"CVE-2017-18232\",\n \"CVE-2017-18257\",\n \"CVE-2017-7374\",\n \"CVE-2018-20169\",\n \"CVE-2018-5391\",\n \"CVE-2018-7740\"\n );\n script_bugtraq_id(\n 68214,\n 68940,\n 69768,\n 70712\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1505)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - The kernel package contains the Linux kernel (vmlinuz),\n the core of any Linux operating system. The kernel\n handles the basic functions of the operating system:\n memory allocation, process allocation, device input and\n output, etc.Security Fix(es):A flaw named FragmentSmack\n was found in the way the Linux kernel handled\n reassembly of fragmented IPv4 and IPv6 packets. A\n remote attacker could use this flaw to trigger time and\n calculation expensive fragment reassembly algorithm by\n sending specially crafted packets which could lead to a\n CPU saturation and hence a denial of service on the\n system.(CVE-2018-5391)Multiple out-of-bounds write\n flaws were found in the way the Cherry Cymotion\n keyboard driver, KYE/Genius device drivers, Logitech\n device drivers, Monterey Genius KB29E keyboard driver,\n Petalynx Maxter remote control driver, and Sunplus\n wireless desktop driver handled HID reports with an\n invalid report descriptor size. An attacker with\n physical access to the system could use either of these\n flaws to write data past an allocated memory\n buffer.(CVE-2014-3184)The __get_data_block function in\n fs/f2fs/data.c in the Linux kernel before 4.11 allows\n local users to cause a denial of service (integer\n overflow and loop) via crafted use of the open and\n fallocate system calls with an FS_IOC_FIEMAP\n ioctl.(CVE-2017-18257)netetfilter/xt_osf.c in the Linux\n kernel through 4.14.4 does not require the\n CAP_NET_ADMIN capability for add_callback and\n remove_callback operations. This allows local users to\n bypass intended access restrictions because the\n xt_osf_fingers data structure is shared across all\n network namespaces.(CVE-2017-17450)A denial of service\n flaw was discovered in the Linux kernel, where a race\n condition caused a NULL pointer dereference in the RDS\n socket-creation code. A local attacker could use this\n flaw to create a situation in which a NULL pointer\n crashed the kernel.(CVE-2015-7990)An issue was\n discovered in the Linux kernel before 4.19.9. The USB\n subsystem mishandles size checks during the reading of\n an extra descriptor, related to\n __usb_get_extra_descriptor in\n drivers/usb/core/usb.c.(CVE-2018-20169)mm/memory.c in\n the Linux kernel before 4.1.4 mishandles anonymous\n pages, which allows local users to gain privileges or\n cause a denial of service (page tainting) via a crafted\n application that triggers writing to page\n zero.(CVE-2015-3288)The ovl_setattr function in\n fs/overlayfs/inode.c in the Linux kernel through 4.3.3\n attempts to merge distinct setattr operations, which\n allows local users to bypass intended access\n restrictions and modify the attributes of arbitrary\n overlay files via a crafted\n application.(CVE-2015-8660)A flaw was found in the\n Linux kernel where a local user with a shell account\n can abuse the userfaultfd syscall when using hugetlbfs.\n A missing size check in hugetlb_mcopy_atomic_pte could\n create an invalid inode variable, leading to a kernel\n panic.(CVE-2017-15128)An integer overflow flaw was\n found in the way the lzo1x_decompress_safe() function\n of the Linux kernel's LZO implementation processed\n Literal Runs. A local attacker could, in extremely rare\n cases, use this flaw to crash the system or,\n potentially, escalate their privileges on the\n system.(CVE-2014-4608)It was found that Linux kernel's\n ptrace subsystem did not properly sanitize the\n address-space-control bits when the program-status word\n (PSW) was being set. On IBM S/390 systems, a local,\n unprivileged user could use this flaw to set\n address-space-control bits to the kernel space, and\n thus gain read and write access to kernel\n memory.(CVE-2014-3534)A use-after-free flaw was found\n in the Linux kernel's file system encryption\n implementation. A local user could revoke keyring keys\n being used for ext4, f2fs, or ubifs encryption, causing\n a denial of service on the system.(CVE-2017-7374)The\n usbip_recv_xbuff function in\n drivers/usb/usbip/usbip_common.c in the Linux kernel\n before 4.5.3 allows remote attackers to cause a denial\n of service (out-of-bounds write) or possibly have\n unspecified other impact via a crafted length value in\n a USB/IP packet.(CVE-2016-3955)A flaw was found in the\n patches used to fix the 'dirtycow' vulnerability\n (CVE-2016-5195). An attacker, able to run local code,\n can exploit a race condition in transparent huge pages\n to modify usually read-only huge\n pages.(CVE-2017-1000405)The aio_mount function in\n fs/aio.c in the Linux kernel does not properly restrict\n execute access, which makes it easier for local users\n to bypass intended SELinux W^X policy\n restrictions.(CVE-2016-10044)The Serial Attached SCSI\n (SAS) implementation in the Linux kernel mishandles a\n mutex within libsas. This allows local users to cause a\n denial of service (deadlock) by triggering certain\n error-handling code.(CVE-2017-18232)A use-after-free\n vulnerability was found in tcp_xmit_retransmit_queue\n and other tcp_* functions. This condition could allow\n an attacker to send an incorrect selective\n acknowledgment to existing connections, possibly\n resetting a connection.(CVE-2016-6828)The instruction\n decoder in arch/x86/kvm/emulate.c in the KVM subsystem\n in the Linux kernel before 3.18-rc2 does not properly\n handle invalid instructions, which allows guest OS\n users to cause a denial of service (NULL pointer\n dereference and host OS crash) via a crafted\n application that triggers (1) an improperly fetched\n instruction or (2) an instruction that occupies too\n many bytes. NOTE: this vulnerability exists because of\n an incomplete fix for CVE-2014-8480.(CVE-2014-8481)The\n snd_compress_check_input function in\n sound/core/compress_offload.c in the ALSA subsystem in\n the Linux kernel before 3.17 does not properly check\n for an integer overflow, which allows local users to\n cause a denial of service (insufficient memory\n allocation) or possibly have unspecified other impact\n via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl\n call.(CVE-2014-9904)The resv_map_release function in\n mm/hugetlb.c in the Linux kernel, through 4.15.7,\n allows local users to cause a denial of service (BUG)\n via a crafted application that makes mmap system calls\n and has a large pgoff argument to the remap_file_pages\n system call.(CVE-2018-7740)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1505\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0dd8d759\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Overlayfs Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-4.19.28-1.2.117\",\n \"kernel-devel-4.19.28-1.2.117\",\n \"kernel-headers-4.19.28-1.2.117\",\n \"kernel-tools-4.19.28-1.2.117\",\n \"kernel-tools-libs-4.19.28-1.2.117\",\n \"kernel-tools-libs-devel-4.19.28-1.2.117\",\n \"perf-4.19.28-1.2.117\",\n \"python-perf-4.19.28-1.2.117\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "naslFamily": "Huawei Local Security Checks", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "solution": "Update the affected kernel packages.", "nessusSeverity": "Critical", "cvssScoreSource": "", "vpr": {"risk factor": "Critical", "score": "9.5"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2019-05-09T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": ["Core Impact", "CANVAS(CANVAS)", "Metasploit(Overlayfs Privilege Escalation)"], "vendor_cvss2": {}, "vendor_cvss3": {}}

{"openvas": [{"lastseen": "2020-02-05T16:39:54", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1505)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-17450", "CVE-2014-8481", "CVE-2017-15128", "CVE-2015-3288", "CVE-2014-9904", "CVE-2018-5391", "CVE-2017-18257", "CVE-2016-6828", "CVE-2017-18232", "CVE-2017-7374", "CVE-2014-3534", "CVE-2016-3955", "CVE-2018-7740", "CVE-2015-7990", "CVE-2014-4608", "CVE-2015-8660", "CVE-2018-20169", "CVE-2017-1000405", "CVE-2016-10044", "CVE-2014-3184"], "modified": "2020-02-05T00:00:00", "id": "OPENVAS:1361412562311220191505", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191505", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1505\");\n script_version(\"2020-02-05T08:56:28+0000\");\n script_cve_id(\"CVE-2014-3184\", \"CVE-2014-3534\", \"CVE-2014-4608\", \"CVE-2014-8481\", \"CVE-2014-9904\", \"CVE-2015-3288\", \"CVE-2015-7990\", \"CVE-2015-8660\", \"CVE-2016-10044\", \"CVE-2016-3955\", \"CVE-2016-6828\", \"CVE-2017-1000405\", \"CVE-2017-15128\", \"CVE-2017-17450\", \"CVE-2017-18232\", \"CVE-2017-18257\", \"CVE-2017-7374\", \"CVE-2018-20169\", \"CVE-2018-5391\", \"CVE-2018-7740\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-05 08:56:28 +0000 (Wed, 05 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:59:08 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1505)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1505\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1505\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1505 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.(CVE-2018-5391)\n\nMultiple out-of-bounds write flaws were found in the way the Cherry Cymotion keyboard driver, KYE/Genius device drivers, Logitech device drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote control driver, and Sunplus wireless desktop driver handled HID reports with an invalid report descriptor size. An attacker with physical access to the system could use either of these flaws to write data past an allocated memory buffer.(CVE-2014-3184)\n\nThe __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl.(CVE-2017-18257)\n\nnet/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations. This allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all network namespaces.(CVE-2017-17450)\n\nA denial of service flaw was discovered in the Linux kernel, where a race condition caused a NULL pointer dereference in the RDS socket-creation code. A local attacker could use this flaw to create a situation in which a NULL pointer crashed the kernel.(CVE-2015-7990)\n\nAn issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.(CVE-2018-20169)\n\nmm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.(CVE-2015-3288)\n\nThe ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.(CVE-2015-8660)\n\nA flaw was found in the Linux kernel where a local user with a shell account can abuse the userfaultfd syscall when using hugetlbfs. A missing size check in hugetlb_mcopy_atomic_pte could create ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-11-11T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-3127-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3288", "CVE-2016-3961", "CVE-2014-9904", "CVE-2016-7042"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842951", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842951", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-3127-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842951\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-11 11:15:46 +0100 (Fri, 11 Nov 2016)\");\n script_cve_id(\"CVE-2014-9904\", \"CVE-2015-3288\", \"CVE-2016-3961\", \"CVE-2016-7042\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-3127-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that the compression\n handling code in the Advanced Linux Sound Architecture (ALSA) subsystem in the\n Linux kernel did not properly check for an integer overflow. A local attacker\n could use this to cause a denial of service (system crash). (CVE-2014-9904)\n\nKirill A. Shutemov discovered that memory manager in the Linux kernel did\nnot properly handle anonymous pages. A local attacker could use this to\ncause a denial of service or possibly gain administrative privileges.\n(CVE-2015-3288)\n\nVitaly Kuznetsov discovered that the Linux kernel did not properly suppress\nhugetlbfs support in X86 paravirtualized guests. An attacker in the guest\nOS could cause a denial of service (guest system crash). (CVE-2016-3961)\n\nOndrej Kozina discovered that the keyring interface in the Linux kernel\ncontained a buffer overflow when displaying timeout events via the\n/proc/keys interface. A local attacker could use this to cause a denial of\nservice (system crash). (CVE-2016-7042)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3127-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3127-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-101-generic\", ver:\"3.13.0-101.148\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-101-generic-lpae\", ver:\"3.13.0-101.148\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-101-lowlatency\", ver:\"3.13.0-101.148\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-101-powerpc-e500\", ver:\"3.13.0-101.148\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-101-powerpc-e500mc\", ver:\"3.13.0-101.148\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-101-powerpc-smp\", ver:\"3.13.0-101.148\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-101-powerpc64-emb\", ver:\"3.13.0-101.148\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-101-powerpc64-smp\", ver:\"3.13.0-101.148\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"3.13.0.101.109\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"3.13.0.101.109\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"3.13.0.101.109\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500\", ver:\"3.13.0.101.109\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"3.13.0.101.109\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"3.13.0.101.109\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"3.13.0.101.109\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"3.13.0.101.109\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-virtual\", ver:\"3.13.0.101.109\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-11-11T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-trusty USN-3127-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3288", "CVE-2016-3961", "CVE-2014-9904", "CVE-2016-7042"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842949", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842949", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-lts-trusty USN-3127-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842949\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-11 11:15:39 +0100 (Fri, 11 Nov 2016)\");\n script_cve_id(\"CVE-2014-9904\", \"CVE-2015-3288\", \"CVE-2016-3961\", \"CVE-2016-7042\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-lts-trusty USN-3127-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-trusty'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-3127-1 fixed vulnerabilities in the\n Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding\n updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS\n for Ubuntu 12.04 LTS.\n\nIt was discovered that the compression handling code in the Advanced Linux\nSound Architecture (ALSA) subsystem in the Linux kernel did not properly\ncheck for an integer overflow. A local attacker could use this to cause a\ndenial of service (system crash). (CVE-2014-9904)\n\nKirill A. Shutemov discovered that memory manager in the Linux kernel did\nnot properly handle anonymous pages. A local attacker could use this to\ncause a denial of service or possibly gain administrative privileges.\n(CVE-2015-3288)\n\nVitaly Kuznetsov discovered that the Linux kernel did not properly suppress\nhugetlbfs support in X86 paravirtualized guests. An attacker in the guest\nOS could cause a denial of service (guest system crash). (CVE-2016-3961)\n\nOndrej Kozina discovered that the keyring interface in the Linux kernel\ncontained a buffer overflow when displaying timeout events via the\n/proc/keys interface. A local attacker could use this to cause a denial of\nservice (system crash). (CVE-2016-7042)\");\n script_tag(name:\"affected\", value:\"linux-lts-trusty on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3127-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3127-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-101-generic\", ver:\"3.13.0-101.148~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.13.0-101-generic-lpae\", ver:\"3.13.0-101.148~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae-lts-trusty\", ver:\"3.13.0.101.92\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lts-trusty\", ver:\"3.13.0.101.92\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:33:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-03-28T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-ba39fc0e07", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18232"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874293", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874293", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_ba39fc0e07_kernel_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-ba39fc0e07\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874293\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-28 08:59:56 +0200 (Wed, 28 Mar 2018)\");\n script_cve_id(\"CVE-2017-18232\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-ba39fc0e07\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-ba39fc0e07\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZHTSWSNAX47UXWALOOFKC4PXGE4TNM6E\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.15.12~201.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:33:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-03-28T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2018-e378863e47", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18232"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874290", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874290", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_e378863e47_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2018-e378863e47\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874290\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-28 08:59:36 +0200 (Wed, 28 Mar 2018)\");\n script_cve_id(\"CVE-2017-18232\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2018-e378863e47\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-e378863e47\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB4IJT2U6PA5EF5WE5UBNB6NAY2Z6ZX6\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.15.12~301.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-01-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-2857-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8660"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842592", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842592", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-2857-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842592\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-01-07 05:02:05 +0100 (Thu, 07 Jan 2016)\");\n script_cve_id(\"CVE-2015-8660\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-2857-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Nathan Williams discovered that\n overlayfs in the Linux kernel incorrectly handled setattr operations.\n A local unprivileged attacker could use this to create files with\n administrative permission attributes and execute arbitrary code with\n elevated privileges.\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 15.04\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2857-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2857-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU15\\.04\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU15.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.19.0-43-generic\", ver:\"3.19.0-43.49\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.19.0-43-generic-lpae\", ver:\"3.19.0-43.49\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.19.0-43-lowlatency\", ver:\"3.19.0-43.49\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.19.0-43-powerpc-e500mc\", ver:\"3.19.0-43.49\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.19.0-43-powerpc-smp\", ver:\"3.19.0-43.49\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.19.0-43-powerpc64-emb\", ver:\"3.19.0-43.49\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.19.0-43-powerpc64-smp\", ver:\"3.19.0-43.49\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:43", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-01-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-vivid USN-2857-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8660"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842588", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842588", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-lts-vivid USN-2857-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842588\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-01-07 05:01:52 +0100 (Thu, 07 Jan 2016)\");\n script_cve_id(\"CVE-2015-8660\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-lts-vivid USN-2857-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-vivid'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Nathan Williams discovered that overlayfs\n in the Linux kernel incorrectly handled setattr operations. A local\n unprivileged attacker could use this to create files with administrative\n permission attributes and execute arbitrary code with elevated privileges.\");\n script_tag(name:\"affected\", value:\"linux-lts-vivid on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2857-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2857-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.19.0-43-generic\", ver:\"3.19.0-43.49~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.19.0-43-generic-lpae\", ver:\"3.19.0-43.49~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.19.0-43-lowlatency\", ver:\"3.19.0-43.49~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.19.0-43-powerpc-e500mc\", ver:\"3.19.0-43.49~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.19.0-43-powerpc-smp\", ver:\"3.19.0-43.49~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.19.0-43-powerpc64-emb\", ver:\"3.19.0-43.49~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.19.0-43-powerpc64-smp\", ver:\"3.19.0-43.49~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:39", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-01-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-wily USN-2858-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8660"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842591", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842591", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-lts-wily USN-2858-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842591\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-01-07 05:02:03 +0100 (Thu, 07 Jan 2016)\");\n script_cve_id(\"CVE-2015-8660\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-lts-wily USN-2858-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-wily'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Nathan Williams discovered that overlayfs\n in the Linux kernel incorrectly handled setattr operations. A local\n unprivileged attacker could use this to create files with administrative\n permission attributes and execute arbitrary code with elevated privileges.\");\n script_tag(name:\"affected\", value:\"linux-lts-wily on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2858-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2858-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-23-generic\", ver:\"4.2.0-23.28~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-23-generic-lpae\", ver:\"4.2.0-23.28~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-23-lowlatency\", ver:\"4.2.0-23.28~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-23-powerpc-e500mc\", ver:\"4.2.0-23.28~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-23-powerpc-smp\", ver:\"4.2.0-23.28~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-23-powerpc64-emb\", ver:\"4.2.0-23.28~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-23-powerpc64-smp\", ver:\"4.2.0-23.28~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-01-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-2858-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8660"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842589", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842589", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-2858-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842589\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-01-07 05:01:54 +0100 (Thu, 07 Jan 2016)\");\n script_cve_id(\"CVE-2015-8660\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-2858-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Nathan Williams discovered that overlayfs in\n the Linux kernel incorrectly handled setattr operations. A local unprivileged\n attacker could use this to create files with administrative permission attributes\n and execute arbitrary code with elevated privileges.\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 15.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2858-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2858-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU15\\.10\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-23-generic\", ver:\"4.2.0-23.28\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-23-generic-lpae\", ver:\"4.2.0-23.28\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-23-lowlatency\", ver:\"4.2.0-23.28\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-23-powerpc-e500mc\", ver:\"4.2.0-23.28\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-23-powerpc-smp\", ver:\"4.2.0-23.28\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-23-powerpc64-emb\", ver:\"4.2.0-23.28\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-23-powerpc64-smp\", ver:\"4.2.0-23.28\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-01-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-raspi2 USN-2858-3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8660"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842586", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842586", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-raspi2 USN-2858-3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842586\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-01-07 05:01:44 +0100 (Thu, 07 Jan 2016)\");\n script_cve_id(\"CVE-2015-8660\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-raspi2 USN-2858-3\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-raspi2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Nathan Williams discovered that overlayfs\n in the Linux kernel incorrectly handled setattr operations. A local\n unprivileged attacker could use this to create files with administrative\n permission attributes and execute arbitrary code with elevated privileges.\");\n script_tag(name:\"affected\", value:\"linux-raspi2 on Ubuntu 15.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2858-3\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2858-3/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU15\\.10\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU15.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.2.0-1018-raspi2\", ver:\"4.2.0-1018.25\", rls:\"UBUNTU15.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-08-26T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2016-5e24d8c350", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6828"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809179", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809179", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2016-5e24d8c350\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809179\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-26 05:50:35 +0200 (Fri, 26 Aug 2016)\");\n script_cve_id(\"CVE-2016-6828\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2016-5e24d8c350\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-5e24d8c350\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TURJCX6L7HMFUENGEENRRLL7FKIWB2OF\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.6.7~300.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-17T22:55:09", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2016-10-26T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2016-740)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6828"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120729", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120729", "sourceData": "# Copyright (C) 2016 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120729\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2016-10-26 15:38:23 +0300 (Wed, 26 Oct 2016)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2016-740)\");\n script_tag(name:\"insight\", value:\"A use after free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions.\");\n script_tag(name:\"solution\", value:\"Run yum update kernel to update your system. You will need to reboot your system in order for the new kernel to be running.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-740.html\");\n script_cve_id(\"CVE-2016-6828\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.4.19~29.55.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.4.19~29.55.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~4.4.19~29.55.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.4.19~29.55.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-debuginfo\", rpm:\"kernel-tools-debuginfo~4.4.19~29.55.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~4.4.19~29.55.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-devel\", rpm:\"kernel-tools-devel~4.4.19~29.55.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.4.19~29.55.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~4.4.19~29.55.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.4.19~29.55.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~4.4.19~29.55.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~4.4.19~29.55.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:39", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-08-26T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2016-723350dd75", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6828"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809178", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809178", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2016-723350dd75\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809178\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-26 05:50:30 +0200 (Fri, 26 Aug 2016)\");\n script_cve_id(\"CVE-2016-6828\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2016-723350dd75\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-723350dd75\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5GNL62PWWP2XCVMWM75EIDM2DLYTMPGM\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.6.7~200.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:48", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-12-05T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2017-b0c1f44130", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000405"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310873860", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310873860", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2017_b0c1f44130_kernel_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2017-b0c1f44130\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.873860\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-12-05 07:55:57 +0100 (Tue, 05 Dec 2017)\");\n script_cve_id(\"CVE-2017-1000405\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2017-b0c1f44130\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-b0c1f44130\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6LLKSHB3TZCA72UK4KDILWHY4Q4RTGU\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.13.16~302.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:34:47", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-12-05T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2017-9ea11e444d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000405"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310873857", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310873857", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2017_9ea11e444d_kernel_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for kernel FEDORA-2017-9ea11e444d\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.873857\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-12-05 07:54:59 +0100 (Tue, 05 Dec 2017)\");\n script_cve_id(\"CVE-2017-1000405\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2017-9ea11e444d\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-9ea11e444d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ALUMLCIZOR6UUC5NJKXPGIAXHBJR6NL\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.13.16~202.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-07-04T18:56:35", "description": "CVE-2018-5391 (FragmentSmack)\n\nJuha-Matti Tilli discovered a flaw in the way the Linux kernel\nhandled reassembly of fragmented IPv4 and IPv6 packets. A remote\nattacker can take advantage of this flaw to trigger time and\ncalculation expensive fragment reassembly algorithms by sending\nspecially crafted packets, leading to remote denial of service.\n\nThis is mitigated by reducing the default limits on memory usage\nfor incomplete fragmented packets. The same mitigation can be\nachieved without the need to reboot, by setting the sysctls:\n\nnet.ipv4.ipfrag_low_thresh = 196608 net.ipv6.ip6frag_low_thresh = 196608 net.ipv4.ipfrag_high_thresh = 262144 net.ipv6.ip6frag_high_thresh = 262144\nThe default values may still be increased by local configuration\nif necessary.", "cvss3": {}, "published": "2018-08-14T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4272-1 (linux - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5391"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704272", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704272", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4272-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704272\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-5391\");\n script_name(\"Debian Security Advisory DSA 4272-1 (linux - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-08-14 00:00:00 +0200 (Tue, 14 Aug 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4272.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"linux on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), this problem has been fixed in\nversion 4.9.110-3+deb9u2.\n\nWe recommend that you upgrade your linux packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/linux\");\n script_tag(name:\"summary\", value:\"CVE-2018-5391 (FragmentSmack)\n\nJuha-Matti Tilli discovered a flaw in the way the Linux kernel\nhandled reassembly of fragmented IPv4 and IPv6 packets. A remote\nattacker can take advantage of this flaw to trigger time and\ncalculation expensive fragment reassembly algorithms by sending\nspecially crafted packets, leading to remote denial of service.\n\nThis is mitigated by reducing the default limits on memory usage\nfor incomplete fragmented packets. The same mitigation can be\nachieved without the need to reboot, by setting the sysctls:\n\nnet.ipv4.ipfrag_low_thresh = 196608 net.ipv6.ip6frag_low_thresh = 196608 net.ipv4.ipfrag_high_thresh = 262144 net.ipv6.ip6frag_high_thresh = 262144\nThe default values may still be increased by local configuration\nif necessary.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"hyperv-daemons\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcpupower-dev\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcpupower1\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libusbip-dev\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-6-arm\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-6-s390\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-compiler-gcc-6-x86\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-cpupower\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-doc-4.9\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-4kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-5kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-686\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-arm64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-armel\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-armhf\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-i386\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-mips\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-mips64el\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-mipsel\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-ppc64el\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-all-s390x\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-arm64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-armmp\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-armmp-lpae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-common\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-common-rt\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-loongson-3\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-marvell\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-octeon\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-powerpc64le\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-rt-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-rt-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-3-s390x\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-4kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-5kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-686\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-arm64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-armel\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-armhf\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-i386\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-mips\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-mips64el\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-mipsel\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-ppc64el\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-all-s390x\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-arm64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-armmp\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-armmp-lpae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-common\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-common-rt\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-loongson-3\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-marvell\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-octeon\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-powerpc64le\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-rt-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-rt-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-4-s390x\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-4kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-5kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-686\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-all\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-all-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-all-arm64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-all-armel\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-all-armhf\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-all-i386\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-all-mips\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-all-mips64el\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-all-mipsel\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-all-ppc64el\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-all-s390x\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-arm64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-armmp\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-armmp-lpae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-common\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-common-rt\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-loongson-3\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-marvell\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-octeon\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-powerpc64le\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-rt-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-rt-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-5-s390x\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-4kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-5kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-686\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-all\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-all-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-all-arm64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-all-armel\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-all-armhf\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-all-i386\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-all-mips\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-all-mips64el\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-all-mipsel\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-all-ppc64el\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-all-s390x\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-arm64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-armmp\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-armmp-lpae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-loongson-3\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-marvell\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-octeon\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-powerpc64le\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-rt-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-rt-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-6-s390x\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-4kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-5kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-686\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-all\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-all-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-all-arm64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-all-armel\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-all-armhf\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-all-i386\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-all-mips\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-all-mips64el\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-all-mipsel\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-all-ppc64el\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-all-s390x\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-arm64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-armmp\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-armmp-lpae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-common\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-common-rt\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-loongson-3\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-marvell\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-octeon\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-powerpc64le\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-rt-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-rt-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-headers-4.9.0-7-s390x\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-4kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-4kc-malta-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-5kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-5kc-malta-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-686\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-686-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-686-pae-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-amd64-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-arm64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-arm64-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-armmp\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-armmp-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-armmp-lpae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-armmp-lpae-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-loongson-3\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-loongson-3-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-marvell\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-marvell-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-octeon\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-octeon-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-powerpc64le\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-powerpc64le-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-rt-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-rt-686-pae-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-rt-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-rt-amd64-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-s390x\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-3-s390x-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-4kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-4kc-malta-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-5kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-5kc-malta-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-686\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-686-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-686-pae-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-amd64-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-arm64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-arm64-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-armmp\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-armmp-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-armmp-lpae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-armmp-lpae-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-loongson-3\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-loongson-3-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-marvell\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-marvell-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-octeon\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-octeon-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-powerpc64le\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-powerpc64le-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-rt-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-rt-686-pae-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-rt-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-rt-amd64-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-s390x\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-4-s390x-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-4kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-4kc-malta-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-5kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-5kc-malta-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-686\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-686-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-686-pae-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-amd64-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-arm64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-arm64-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-armmp\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-armmp-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-armmp-lpae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-armmp-lpae-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-loongson-3\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-loongson-3-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-marvell\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-marvell-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-octeon\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-octeon-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-powerpc64le\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-powerpc64le-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-rt-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-rt-686-pae-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-rt-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-rt-amd64-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-s390x\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-5-s390x-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-4kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-4kc-malta-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-5kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-5kc-malta-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-686\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-686-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-686-pae-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-amd64-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-arm64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-arm64-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-armmp\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-armmp-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-armmp-lpae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-armmp-lpae-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-loongson-3\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-loongson-3-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-marvell\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-marvell-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-octeon\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-octeon-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-powerpc64le\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-powerpc64le-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-rt-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-rt-686-pae-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-rt-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-rt-amd64-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-s390x\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-6-s390x-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-4kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-4kc-malta-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-5kc-malta\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-5kc-malta-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-686\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-686-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-686-pae-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-amd64-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-arm64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-arm64-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-armmp\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-armmp-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-armmp-lpae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-armmp-lpae-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-loongson-3\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-loongson-3-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-marvell\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-marvell-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-octeon\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-octeon-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-powerpc64le\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-powerpc64le-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-rt-686-pae\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-rt-686-pae-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-rt-amd64\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-rt-amd64-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-s390x\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-image-4.9.0-7-s390x-dbg\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-kbuild-4.9\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-manual-4.9\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-perf-4.9\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-source-4.9\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.9.0-3\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.9.0-4\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.9.0-5\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"linux-support-4.9.0-7\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"usbip\", ver:\"4.9.110-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-06-09T17:46:08", "description": "There is a DoS vulnerability in the Linux Kernel versions 3.9+ known as a FragmentSmack attack.", "cvss3": {}, "published": "2020-06-05T00:00:00", "type": "openvas", "title": "Huawei Data Communication: FragmentSmack Vulnerability in Linux Kernel (huawei-sa-20190123-01-linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5391"], "modified": "2020-06-06T00:00:00", "id": "OPENVAS:1361412562310108793", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310108793", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.108793\");\n script_version(\"2020-06-06T12:09:29+0000\");\n script_tag(name:\"last_modification\", value:\"2020-06-06 12:09:29 +0000 (Sat, 06 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-05 08:17:40 +0000 (Fri, 05 Jun 2020)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_cve_id(\"CVE-2018-5391\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Huawei Data Communication: FragmentSmack Vulnerability in Linux Kernel (huawei-sa-20190123-01-linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei\");\n script_dependencies(\"gb_huawei_vrp_network_device_consolidation.nasl\");\n script_mandatory_keys(\"huawei/vrp/detected\");\n\n script_tag(name:\"summary\", value:\"There is a DoS vulnerability in the Linux Kernel versions 3.9+ known as a FragmentSmack attack.\");\n\n script_tag(name:\"insight\", value:\"There is a DoS vulnerability in the Linux Kernel versions 3.9+ known as a FragmentSmack attack. Remote attackers could send fragmented IPv4 or IPv6 packets to the affected device to trigger time and calculation reassembly algorithms that could consume excessive CPU resources, resulting in a DoS condition. (Vulnerability ID: HWPSIRT-2018-08115)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2018-5391.Huawei has released software updates to fix this vulnerability. This advisory is available in the linked references.\");\n\n script_tag(name:\"impact\", value:\"A remote attacker may be able to trigger a denial-of-service condition.\");\n\n script_tag(name:\"affected\", value:\"Anne-AL00 versions Versions earlier than 8.0.0.168(C00)\n\nAtomu-AL10B versions Versions earlier than 8.0.0.195(C00)\n\nAtomu-L03 versions Versions earlier than 8.0.0.144(C605CUSTC605D1) Versions earlier than 8.0.0.144(C605CUSTC605D1)\n\nAtomu-L11 versions Versions earlier than 8.0.0.144(C782CUSTC782D1) Versions earlier than 8.0.0.144(C782CUSTC782D1)\n\nAtomu-L21 versions Versions earlier than 8.0.0.140(C432CUSTC432D1) Versions earlier than 8.0.0.142(C432CUSTC432D1)\n\nAtomu-L23 versions Versions earlier than 8.0.0.144(C605CUSTC605D1) Versions earlier than 8.0.0.146(C605CUSTC605D1)\n\nAtomu-L29A versions Versions earlier than 8.0.0.137(C432CUSTC432D1) Versions earlier than 8.0.0.137(C432CUSTC432D1) Versions earlier than 8.0.0.142(C185CUSTC185D1) Versions earlier than 8.0.0.142(C185CUSTC185D1) Versions earlier than 8.0.0.142(C461CUSTC461D1) Versions earlier than 8.0.0.142(C461CUSTC461D1) Versions earlier than 8.0.0.162(C636CUSTC636D1) Versions earlier than 8.0.0.162(C636CUSTC636D1)\n\nAtomu-L41 versions Versions earlier than 8.0.0.143(C461CUSTC461D1) Versions earlier than 8.0.0.143(C461CUSTC461D1)\n\nAtomu-L42 versions Versions earlier than 8.0.0.143(C636CUSTC636D1) Versions earlier than 8.0.0.143(C636CUSTC636D1)\n\nB525s-23a versions Versions earlier than TCPU-V100R001B190D65SP00C00 Versions earlier than TCPU-V100R001B190D65SP00C00 Versions earlier than TCPU-V100R001B190D65SP00C00 Versions earlier than TCPU-V100R001B190D65SP00C00 Versions earlier than TCPU-V800R001B191D11SP00C00 Versions earlier than TCPU-V800R001B191D11SP00C00 Versions earlier than TCPU-V800R001B191D11SP00C00 Versions earlier than TCPU-V800R001B191D11SP00C00 Versions earlier than TCPU-V800R001B191D11SP00C00\n\nBLA-A09 versions Versions earlier than 8.0.0.127(C567) Versions earlier than 8.0.0.127(C567) Versions earlier than 8.0.0.127(C567) Versions earlier than 8.0.0.127(C567)\n\nBLA-L09C versions Versions earlier than 9.0.0.159(C185E2R1P13T8) Versions earlier than 9.0.0.160(C605E2R1P12T8) Versions earlier than 9.0.0.161(C432E4R1P11T8)\n\nBLA-L29C versions Versions earlier than 8.0.0.151(C635) Versions earlier than 9.0.0.159(C185E2R1P13T8) Versions earlier than 9.0.0.159(C636E2R1P13T8) Versions earlier than 9.0.0.160(C605E2R1P12T8) Versions earlier than 9.0.0.161(C432E4R1P11T8)\n\nBerkeley-AL20 versions Versions earlier than 8.0.0.202(C00GT)\n\nBerkeley-L09 versions Versions earlier than 8.0.0.169(C636)\n\nCameron-AL09A versions Versions earlier than 8.0.0.187(C185) Versions earlier than 8.0.0.190(C432)\n\nCameron-W09A versions Versions earlier than 8.0.0.185(TWNC636)\n\nCannes-AL10 versions Versions earlier than C00B386\n\nCharlotte-L09C versions Versions earlier than 9.0.0.159(C185E4R1P11T8) Versions earlier than 9.0.0.161(C605E2R1P9T8) Versions earlier than 9.0.0.163(C432E5R1P9T8)\n\nCharlotte-L29C versions Versions earlier than 9.0.0.159(C185E4R1P11T8) Versions earlier than 9.0.0.161(C605E2R1P11T8) Versions earlier than 9.0.0.163(C432E5R1P9T8) Versions earlier than 9.0.0.168(C636E2R1P12T8)\n\nE5785Lh-92a versions Versions earlier than TCPU-V200R001B191D63SP00C00 Versions earlier than TCPU-V200R001B191D63SP00C00\n\nE5787Ph versions Versions earlier than -67aTCPU-V200R001B191D63SP00C00\n\nE5787Ph-92a versions Versions earlier than TCPU-V200R001B190D61SP00C00\n\nEmily-L09C versions Versions earlier than 9.0.0.159(C185E2R1P12T8) Versions earlier than 9.0.0.160(C432E7R1P11T8) Versions earlier than 9.0.0.161(C605E2R1P11T8)\n\nEmily-L29C versions Versions earlier than 8.1.0.135(C635) Versions earlier than 8.1.0.154(C635) Versions earlier than 9.0.0.159(C185E2R1P12T8) Versions earlier than 9.0.0.159(C461E2R1P11T8) Versions earlier than 9.0.0.160(C432E7R1P11T8) Versions earlier than 9.0.0.161(C605E2R1P12T8) Versions earlier than 9.0.0.168(C636E7R1P13T8)\n\nEulerOS versions 2.2.RC3 2.2.RC5 V200R002C20 V200R003C00 V200R005C00\n\nFigo-AL00A versions Versions earlier than 8.0.0.178(C00) Versions earlier than 8.0.0.178(C00)\n\nFigo-L03 versions Versions earlier than 8.0.0.145(C605)\n\nFigo-L11 versions Versions earlier than 8.0.0.137(C782) Versions earlier than 8.0.0.138(C782) Versions earlier than 8.0.0.155(C432) Versions earlier than 8.0.0.159(C432)\n\nFigo-L21 versions Versions earlier than 8.0.0.138(C185) Versions earlier than 8.0.0.139(C635)\n\nFigo-L23 versions Versions earlier than 8.0.0.144(C605)\n\nFigo-L31 versions Versions earlier than 8.0.0.162(C432)\n\nFlorida-AL10B versions Versions earlier than 8.0.0.172(C00)\n\nFlorida-L21 versions Versions earlier than 8.0.0.127(C432) Versions earlier than 8.0.0.128(C185) Versions earlier than 8.0.0.129(C605)\n\nFlorida-L23 versions Versions earlier than 8.0.0.136(C605)\n\nHUAWEI B618,HUAWEI 4G Router B618 versions Versions earlier than B618s-22dTCPU-V800R001B198D11SP00C00 Versions earlier than B618s-22dTCPU-V800R001B198D11SP00C00\n\nHUAWEI Mobile WiFi Pro2,HUAWEI Mobile WiFi 2 Pro,Huawei Mobile WiFi 2 Pro versions Versions earlier than E5885Ls-93aTCPU-V200R001B191D63SP00C00\n\nHUAWEI P smart versions Versions earlier than 8.0.0.131(ZAFC185)\n\nHUAWEI P smart,HUAWEI Y7s versions Versions earlier than 8.0.0.111(C636) Versions earlier than 8.0.0.112(C636)\n\nHUAWEI P20 versions 6.0.1.3(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 9.0.0.125(C00E76R1P21T8)\n\nHUAWEI P20 Pro versions 8.1.0.176(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00) Versions earlier than 8.1.0.167(C00)\n\nHUAWEI P20 lite versions Versions earlier than 8.0.0.147(C605) Versions earlier than 8.0.0.148(C605) Versions earlier than 8.0.0.151(C432)\n\nHUAWEI Y6 2018 versions Versions earlier than 8.0.0.140(C432CUSTC432D1) Versions earlier than 8.0.0.142(C432CUSTC432D1) Versions earlier than 8.0.0.143(C185CUSTC185D1) Versions earlier than 8.0.0.143(C185CUSTC185D1) Versions earlier than 8.0.0.143(C185CUSTC185D1) Versions earlier than 8.0.0.144(C636CUSTC636D1) Versions earlier than 8.0.0.144(C636CUSTC636D1) Versions earlier than 8.0.0.146(C185CUSTC185D1)\n\nHUAWEI Y6 Prime 2018 versions Versions earlier than 8.0.0.142(C569CUSTC569D1) Versions earlier than 8.0.0.142(C569CUSTC569D1) Versions earlier than 8.0.0.143(C461CUSTC461D1) Versions earlier than 8.0.0.143(C461CUSTC461D1) Versions earlier than 8.0.0.144(C185CUSTC185D1) Versions earlier than 8.0.0.144(C185CUSTC185D1)\n\nHUAWEI Y7 2018 versions Versions earlier than 8.0.0.139(C432CUSTC432D1) Versions earlier than 8.0.0.139(C432CUSTC432D1) Versions earlier than 8.0.0.142(C185CUSTC185D1) Versions earlier than 8.0.0.150(C569CUSTC569D1) Versions earlier than 8.0.0.153(C185CUSTC185D1) Versions earlier than 8.0.0.158(C605CUSTC605D1) Versions earlier than 8.0.0.160(C782CUSTC782D1)\n\nHUAWEI Y7 Prime 2018 versions Versions earlier than 8.0.0.135(C432CUSTC432D1) Versions earlier than 8.0.0.147(C185CUSTC185D1)\n\nHUAWEI Y7 Pro 2018 versions Versions earlier than 8.0.0.146(C636CUSTC636D1)\n\nHUAWEI nova 3e versions Versions earlier than 8.0.0.156(C636)\n\nHUAWEI nova 3e,HUAWEI P20 lite versions Versions earlier than 8.0.0.145(ZAFC185) Versions earlier than 8.0.0.146(C605)\n\nLeland-AL00A versions Versions earlier than 8.0.0.182(C00) Versions earlier than 8.0.0.182(C00)\n\nLeland-AL10B versions Versions earlier than 8.0.0.133(C00)\n\nLeland-L21A versions Versions earlier than 8.0.0.133(C185) Versions earlier than 8.0.0.133(C636)\n\nLeland-L31A versions Versions earlier than 8.0.0.138(C432) Versions earlier than 8.0.0.138(C432)\n\nLondon-AL30A versions Versions earlier than 8.0.0.215(C00)\n\nLondon-AL40B versions Versions earlier than 8.0.0.216(C00)\n\nLondon-L22 versions Versions earlier than 8.0.0.147(C636CUSTC636D1)\n\nLondon-L29 versions Versions earlier than 8.0.0.135(C461CUSTC461D1) Versions earlier than 8.0.0.137(C432CUSTC432D1) Versions earlier than 8.0.0.144(C185CUSTC185D1) Versions earlier than 8.0.0.145(C636CUSTC636D1)\n\nMobile WiFi2(Cat6) versions Versions earlier than E5785Lh-22cTCPU-V200R001B191D63SP00C00\n\nSchubert-AL09A versions Versions earlier than 8.0.0.173(C635) Versions earlier than 8.0.0.186(C432) Versions earlier than 8.0.0.187(C185)\n\nSchubert-W09A versions Versions earlier than 8.0.0.173(C567) Versions earlier than 8.0.0.173(C635) Versions earlier than 8.0.0.185(C432)\n\nSelina-L02 versions Versions earlier than C432B159\n\nToronto-L01 versions Versions earlier than C464B164CUSTC464D001\n\nToronto-L03 versions Versions earlier than C469B191CUSTC469D001\n\nToronto-L21 versions Versions earlier than C10B178CUSTC10D001 Versions earlier than C432B180CUSTC432D001 Versions earlier than C432B181CUSTC432D001 Versions earlier than C569B178CUSTC569D001 Versions earlier than C569B182CUSTC569D001\n\nToronto-L22 versions Versions earlier than C636B189CUSTC636D001\n\nToronto-L23 versions Versions earlier than C469B190CUSTC469D001\n\nHuawei 4G routing 2 versions Versions earlier than 8.0.1.9(H183SP3C00)\n\nHuawei Enjoy 8 versions Versions earlier than 8.0.0.215(C00) Versions earlier than 8.0.0.215(C00)\n\nHonor Play 7A versions Versions earlier than 8.0.0.195(C00) Versions earlier than 8.0.0.195(C00)\");\n\n script_tag(name:\"solution\", value:\"See the referenced vendor advisory for a solution.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_xref(name:\"URL\", value:\"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190123-01-linux-en\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\n# nb: Unknown device (no VRP), no public vendor advisory or general inconsistent / broken data\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:37:02", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1352)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5391"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181352", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181352", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1352\");\n script_version(\"2020-01-23T11:23:04+0000\");\n script_cve_id(\"CVE-2018-5391\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:23:04 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:23:04 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1352)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1352\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1352\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2018-1352 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.(CVE-2018-5391)\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization 2.5.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~514.44.5.10_102\", rls:\"EULEROSVIRT-2.5.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~514.44.5.10_102\", rls:\"EULEROSVIRT-2.5.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~514.44.5.10_102\", rls:\"EULEROSVIRT-2.5.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~514.44.5.10_102\", rls:\"EULEROSVIRT-2.5.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~514.44.5.10_102\", rls:\"EULEROSVIRT-2.5.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~514.44.5.10_102\", rls:\"EULEROSVIRT-2.5.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:37:21", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1168)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5391"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191168", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191168", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1168\");\n script_version(\"2020-01-23T11:33:31+0000\");\n script_cve_id(\"CVE-2018-5391\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:33:31 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:33:31 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1168)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.4\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1168\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1168\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1168 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.CVE-2018-5391\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization 2.5.4.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.4\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~862.14.1.1_24\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~862.14.1.1_24\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~862.14.1.1_24\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~862.14.1.1_24\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~862.14.1.1_24\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~862.14.1.1_24\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:37:33", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1229)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-7740", "CVE-2018-1092"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191229", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191229", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1229\");\n script_version(\"2020-01-23T11:35:51+0000\");\n script_cve_id(\"CVE-2018-1092\", \"CVE-2018-7740\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:35:51 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:35:51 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1229)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.4\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1229\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1229\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1229 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Linux kernel is vulnerable to a NULL pointer dereference in the ext4/mballoc.c:ext4_process_freed_data() function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted ext4 image to cause a kernel panic.CVE-2018-1092\n\nThe resv_map_release function in mm/hugetlb.c in the Linux kernel, through 4.15.7, allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.CVE-2018-7740\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization 2.5.4.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.4\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~862.14.1.1_54\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~862.14.1.1_54\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~862.14.1.1_54\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~862.14.1.1_54\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~862.14.1.1_54\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~862.14.1.1_54\", rls:\"EULEROSVIRT-2.5.4\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2023-05-18T14:29:31", "description": "It was discovered that the compression handling code in the Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel did not properly check for an integer overflow. A local attacker could use this to cause a denial of service (system crash). (CVE-2014-9904)\n\nKirill A. Shutemov discovered that memory manager in the Linux kernel did not properly handle anonymous pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2015-3288)\n\nVitaly Kuznetsov discovered that the Linux kernel did not properly suppress hugetlbfs support in X86 paravirtualized guests. An attacker in the guest OS could cause a denial of service (guest system crash).\n(CVE-2016-3961)\n\nOndrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-7042).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-11-11T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux vulnerabilities (USN-3127-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9904", "CVE-2015-3288", "CVE-2016-3961", "CVE-2016-7042"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3127-1.NASL", "href": "https://www.tenable.com/plugins/nessus/94731", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3127-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94731);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2014-9904\", \"CVE-2015-3288\", \"CVE-2016-3961\", \"CVE-2016-7042\");\n script_xref(name:\"USN\", value:\"3127-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux vulnerabilities (USN-3127-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that the compression handling code in the Advanced\nLinux Sound Architecture (ALSA) subsystem in the Linux kernel did not\nproperly check for an integer overflow. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2014-9904)\n\nKirill A. Shutemov discovered that memory manager in the Linux kernel\ndid not properly handle anonymous pages. A local attacker could use\nthis to cause a denial of service or possibly gain administrative\nprivileges. (CVE-2015-3288)\n\nVitaly Kuznetsov discovered that the Linux kernel did not properly\nsuppress hugetlbfs support in X86 paravirtualized guests. An attacker\nin the guest OS could cause a denial of service (guest system crash).\n(CVE-2016-3961)\n\nOndrej Kozina discovered that the keyring interface in the Linux\nkernel contained a buffer overflow when displaying timeout events via\nthe /proc/keys interface. A local attacker could use this to cause a\ndenial of service (system crash). (CVE-2016-7042).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3127-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-9904\", \"CVE-2015-3288\", \"CVE-2016-3961\", \"CVE-2016-7042\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3127-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-101-generic\", pkgver:\"3.13.0-101.148\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-101-generic-lpae\", pkgver:\"3.13.0-101.148\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-101-lowlatency\", pkgver:\"3.13.0-101.148\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic\", pkgver:\"3.13.0.101.109\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"3.13.0.101.109\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"3.13.0.101.109\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-virtual\", pkgver:\"3.13.0.101.109\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:30:07", "description": "USN-3127-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS.\n\nIt was discovered that the compression handling code in the Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel did not properly check for an integer overflow. A local attacker could use this to cause a denial of service (system crash). (CVE-2014-9904)\n\nKirill A. Shutemov discovered that memory manager in the Linux kernel did not properly handle anonymous pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2015-3288)\n\nVitaly Kuznetsov discovered that the Linux kernel did not properly suppress hugetlbfs support in X86 paravirtualized guests. An attacker in the guest OS could cause a denial of service (guest system crash).\n(CVE-2016-3961)\n\nOndrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-7042).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-11-11T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-3127-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9904", "CVE-2015-3288", "CVE-2016-3961", "CVE-2016-7042"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-trusty", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-trusty", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-3127-2.NASL", "href": "https://www.tenable.com/plugins/nessus/94732", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3127-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94732);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2014-9904\", \"CVE-2015-3288\", \"CVE-2016-3961\", \"CVE-2016-7042\");\n script_xref(name:\"USN\", value:\"3127-2\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-3127-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-3127-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu\n12.04 LTS.\n\nIt was discovered that the compression handling code in the Advanced\nLinux Sound Architecture (ALSA) subsystem in the Linux kernel did not\nproperly check for an integer overflow. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2014-9904)\n\nKirill A. Shutemov discovered that memory manager in the Linux kernel\ndid not properly handle anonymous pages. A local attacker could use\nthis to cause a denial of service or possibly gain administrative\nprivileges. (CVE-2015-3288)\n\nVitaly Kuznetsov discovered that the Linux kernel did not properly\nsuppress hugetlbfs support in X86 paravirtualized guests. An attacker\nin the guest OS could cause a denial of service (guest system crash).\n(CVE-2016-3961)\n\nOndrej Kozina discovered that the keyring interface in the Linux\nkernel contained a buffer overflow when displaying timeout events via\nthe /proc/keys interface. A local attacker could use this to cause a\ndenial of service (system crash). (CVE-2016-7042).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3127-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-trusty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-trusty\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-9904\", \"CVE-2015-3288\", \"CVE-2016-3961\", \"CVE-2016-7042\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3127-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-101-generic\", pkgver:\"3.13.0-101.148~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-101-generic-lpae\", pkgver:\"3.13.0-101.148~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-generic-lpae-lts-trusty\", pkgver:\"3.13.0.101.92\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-generic-lts-trusty\", pkgver:\"3.13.0.101.92\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:27:07", "description": "The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.126 to receive various security and bugfixes. The following security bugs were fixed :\n\n - CVE-2018-1091: In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path, leading to a denial of service (bnc#1087231).\n\n - CVE-2018-7740: The resv_map_release function in mm/hugetlb.c allowed local users to cause a denial of service (BUG) via a crafted application that made mmap system calls and has a large pgoff argument to the remap_file_pages system call (bnc#1084353).\n\n - CVE-2018-8043: The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c did not validate certain resource availability, which allowed local users to cause a denial of service (NULL pointer dereference) (bnc#1084829).\n\n - CVE-2017-18257: The __get_data_block function in fs/f2fs/data.c allowed local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl. (bnc#1088241)\n\n - CVE-2018-8822: Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c could be exploited by malicious NCPFS servers to crash the kernel or execute code (bnc#1086162).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-04-24T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:1048-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18257", "CVE-2018-1091", "CVE-2018-7740", "CVE-2018-8043", "CVE-2018-8822"], "modified": "2019-09-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-1048-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109310", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:1048-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109310);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2017-18257\", \"CVE-2018-1091\", \"CVE-2018-7740\", \"CVE-2018-8043\", \"CVE-2018-8822\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:1048-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.126 to\nreceive various security and bugfixes. The following security bugs\nwere fixed :\n\n - CVE-2018-1091: In the flush_tmregs_to_thread function in\n arch/powerpc/kernel/ptrace.c, a guest kernel crash can\n be triggered from unprivileged userspace during a core\n dump on a POWER host due to a missing processor feature\n check and an erroneous use of transactional memory (TM)\n instructions in the core dump path, leading to a denial\n of service (bnc#1087231).\n\n - CVE-2018-7740: The resv_map_release function in\n mm/hugetlb.c allowed local users to cause a denial of\n service (BUG) via a crafted application that made mmap\n system calls and has a large pgoff argument to the\n remap_file_pages system call (bnc#1084353).\n\n - CVE-2018-8043: The unimac_mdio_probe function in\n drivers/net/phy/mdio-bcm-unimac.c did not validate\n certain resource availability, which allowed local users\n to cause a denial of service (NULL pointer dereference)\n (bnc#1084829).\n\n - CVE-2017-18257: The __get_data_block function in\n fs/f2fs/data.c allowed local users to cause a denial of\n service (integer overflow and loop) via crafted use of\n the open and fallocate system calls with an\n FS_IOC_FIEMAP ioctl. (bnc#1088241)\n\n - CVE-2018-8822: Incorrect buffer length handling in the\n ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c\n could be exploited by malicious NCPFS servers to crash\n the kernel or execute code (bnc#1086162).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012382\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1019695\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1019699\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1022604\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031717\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1046610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1060799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1064206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1068032\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073059\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1075428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1076033\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1077560\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083574\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083745\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1083836\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084223\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084310\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084328\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084353\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084452\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084699\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084829\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084889\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084898\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084914\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084918\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084967\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085042\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085058\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085383\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085402\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085507\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085511\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085679\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1085981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086015\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086162\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086194\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086357\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086499\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086518\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086607\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087088\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087211\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087231\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087260\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087274\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087659\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087845\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087906\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1087999\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088050\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088267\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088313\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088684\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1088871\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=802154\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-18257/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1091/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-7740/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-8043/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-8822/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20181048-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a5eeadf8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch\nSUSE-SLE-WE-12-SP3-2018-718=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-718=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-718=1\n\nSUSE Linux Enterprise Live Patching 12-SP3:zypper in -t patch\nSUSE-SLE-Live-Patching-12-SP3-2018-718=1\n\nSUSE Linux Enterprise High Availability 12-SP3:zypper in -t patch\nSUSE-SLE-HA-12-SP3-2018-718=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-718=1\n\nSUSE CaaS Platform ALL :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-default-man-4.4.126-94.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"kernel-default-4.4.126-94.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"kernel-default-base-4.4.126-94.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"kernel-default-base-debuginfo-4.4.126-94.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"kernel-default-debuginfo-4.4.126-94.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"kernel-default-debugsource-4.4.126-94.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"kernel-default-devel-4.4.126-94.22.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"kernel-syms-4.4.126-94.22.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-4.4.126-94.22.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-4.4.126-94.22.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-4.4.126-94.22.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-devel-4.4.126-94.22.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-extra-4.4.126-94.22.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-default-extra-debuginfo-4.4.126-94.22.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-syms-4.4.126-94.22.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:31", "description": "Incremental update to fix kernel-devel issues.\n\n----\n\nThe 4.15.12 update contains a variety of fixes across the tree.\n\n----\n\nThe 4.15.11 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-03-28T00:00:00", "type": "nessus", "title": "Fedora 26 : kernel (2018-ba39fc0e07)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18232"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2018-BA39FC0E07.NASL", "href": "https://www.tenable.com/plugins/nessus/108673", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-ba39fc0e07.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(108673);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-18232\");\n script_xref(name:\"FEDORA\", value:\"2018-ba39fc0e07\");\n\n script_name(english:\"Fedora 26 : kernel (2018-ba39fc0e07)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Incremental update to fix kernel-devel issues.\n\n----\n\nThe 4.15.12 update contains a variety of fixes across the tree.\n\n----\n\nThe 4.15.11 update contains a number of important fixes across the\ntree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-ba39fc0e07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-18232\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-ba39fc0e07\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"kernel-4.15.12-201.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:44", "description": "Incremental update to fix kernel-devel issues.\n\n----\n\nThe 4.15.12 update contains numerous fixes across the tree.\n\n----\n\nThe 4.15.11 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-03-28T00:00:00", "type": "nessus", "title": "Fedora 27 : kernel (2018-e378863e47)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18232"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2018-E378863E47.NASL", "href": "https://www.tenable.com/plugins/nessus/108677", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-e378863e47.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(108677);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-18232\");\n script_xref(name:\"FEDORA\", value:\"2018-e378863e47\");\n\n script_name(english:\"Fedora 27 : kernel (2018-e378863e47)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Incremental update to fix kernel-devel issues.\n\n----\n\nThe 4.15.12 update contains numerous fixes across the tree.\n\n----\n\nThe 4.15.11 update contains a number of important fixes across the\ntree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-e378863e47\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-18232\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2018-e378863e47\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"kernel-4.15.12-301.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:24", "description": "Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-01-06T00:00:00", "type": "nessus", "title": "Ubuntu 15.04 : linux vulnerability (USN-2857-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8660"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency", "cpe:/o:canonical:ubuntu_linux:15.04"], "id": "UBUNTU_USN-2857-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87757", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2857-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87757);\n script_version(\"2.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2015-8660\");\n script_xref(name:\"USN\", value:\"2857-1\");\n\n script_name(english:\"Ubuntu 15.04 : linux vulnerability (USN-2857-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Nathan Williams discovered that overlayfs in the Linux kernel\nincorrectly handled setattr operations. A local unprivileged attacker\ncould use this to create files with administrative permission\nattributes and execute arbitrary code with elevated privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2857-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.19-generic,\nlinux-image-3.19-generic-lpae and / or linux-image-3.19-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Overlayfs Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8660\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2857-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-43-generic\", pkgver:\"3.19.0-43.49\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-43-generic-lpae\", pkgver:\"3.19.0-43.49\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"linux-image-3.19.0-43-lowlatency\", pkgver:\"3.19.0-43.49\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.19-generic / linux-image-3.19-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:02:18", "description": "Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-01-06T00:00:00", "type": "nessus", "title": "Ubuntu 15.10 : linux-raspi2 vulnerability (USN-2858-3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8660"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-raspi2", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2858-3.NASL", "href": "https://www.tenable.com/plugins/nessus/87761", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2858-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87761);\n script_version(\"2.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2015-8660\");\n script_xref(name:\"USN\", value:\"2858-3\");\n\n script_name(english:\"Ubuntu 15.10 : linux-raspi2 vulnerability (USN-2858-3)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Nathan Williams discovered that overlayfs in the Linux kernel\nincorrectly handled setattr operations. A local unprivileged attacker\ncould use this to create files with administrative permission\nattributes and execute arbitrary code with elevated privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2858-3/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-4.2-raspi2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Overlayfs Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8660\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2858-3\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-1018-raspi2\", pkgver:\"4.2.0-1018.25\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-raspi2\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:24", "description": "Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-01-06T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-wily vulnerability (USN-2858-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8660"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2858-2.NASL", "href": "https://www.tenable.com/plugins/nessus/87760", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2858-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87760);\n script_version(\"2.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2015-8660\");\n script_xref(name:\"USN\", value:\"2858-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-wily vulnerability (USN-2858-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Nathan Williams discovered that overlayfs in the Linux kernel\nincorrectly handled setattr operations. A local unprivileged attacker\ncould use this to create files with administrative permission\nattributes and execute arbitrary code with elevated privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2858-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-4.2-generic,\nlinux-image-4.2-generic-lpae and / or linux-image-4.2-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Overlayfs Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8660\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2858-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-23-generic\", pkgver:\"4.2.0-23.28~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-23-generic-lpae\", pkgver:\"4.2.0-23.28~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-23-lowlatency\", pkgver:\"4.2.0-23.28~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-generic / linux-image-4.2-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:40", "description": "Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-01-06T00:00:00", "type": "nessus", "title": "Ubuntu 15.10 : linux vulnerability (USN-2858-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8660"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2858-1.NASL", "href": "https://www.tenable.com/plugins/nessus/87759", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2858-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87759);\n script_version(\"2.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2015-8660\");\n script_xref(name:\"USN\", value:\"2858-1\");\n\n script_name(english:\"Ubuntu 15.10 : linux vulnerability (USN-2858-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Nathan Williams discovered that overlayfs in the Linux kernel\nincorrectly handled setattr operations. A local unprivileged attacker\ncould use this to create files with administrative permission\nattributes and execute arbitrary code with elevated privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2858-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-4.2-generic,\nlinux-image-4.2-generic-lpae and / or linux-image-4.2-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Overlayfs Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8660\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2858-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-23-generic\", pkgver:\"4.2.0-23.28\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-23-generic-lpae\", pkgver:\"4.2.0-23.28\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-23-lowlatency\", pkgver:\"4.2.0-23.28\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-generic / linux-image-4.2-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:55", "description": "Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-01-06T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-vivid vulnerability (USN-2857-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8660"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2857-2.NASL", "href": "https://www.tenable.com/plugins/nessus/87758", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2857-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87758);\n script_version(\"2.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2015-8660\");\n script_xref(name:\"USN\", value:\"2857-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-vivid vulnerability (USN-2857-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Nathan Williams discovered that overlayfs in the Linux kernel\nincorrectly handled setattr operations. A local unprivileged attacker\ncould use this to create files with administrative permission\nattributes and execute arbitrary code with elevated privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2857-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.19-generic,\nlinux-image-3.19-generic-lpae and / or linux-image-3.19-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Overlayfs Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8660\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2857-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-43-generic\", pkgver:\"3.19.0-43.49~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-43-generic-lpae\", pkgver:\"3.19.0-43.49~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-43-lowlatency\", pkgver:\"3.19.0-43.49~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.19-generic / linux-image-3.19-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:34", "description": "The 4.6.7 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-08-24T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel (2016-723350dd75)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6828"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-723350DD75.NASL", "href": "https://www.tenable.com/plugins/nessus/93089", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-723350dd75.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93089);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-6828\");\n script_xref(name:\"FEDORA\", value:\"2016-723350dd75\");\n\n script_name(english:\"Fedora 23 : kernel (2016-723350dd75)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.6.7 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-723350dd75\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-6828\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2016-723350dd75\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.6.7-200.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:28:05", "description": "A use after free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions.", "cvss3": {}, "published": "2016-09-02T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2016-740)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6828"], "modified": "2019-04-11T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-doc", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2016-740.NASL", "href": "https://www.tenable.com/plugins/nessus/93252", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2016-740.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93252);\n script_version(\"2.5\");\n script_cvs_date(\"Date: 2019/04/11 17:23:06\");\n\n script_cve_id(\"CVE-2016-6828\");\n script_xref(name:\"ALAS\", value:\"2016-740\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2016-740)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A use after free vulnerability was found in tcp_xmit_retransmit_queue\nand other tcp_* functions.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2016-740.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update kernel' to update your system. You will need to reboot\nyour system in order for the new kernel to be running.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-4.4.19-29.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-4.4.19-29.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-4.4.19-29.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.4.19-29.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-4.4.19-29.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-doc-4.4.19-29.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-4.4.19-29.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-4.4.19-29.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-debuginfo-4.4.19-29.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-devel-4.4.19-29.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-4.4.19-29.55.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-4.4.19-29.55.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:27:08", "description": "The 4.6.7 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-08-24T00:00:00", "type": "nessus", "title": "Fedora 24 : kernel (2016-5e24d8c350)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6828"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-5E24D8C350.NASL", "href": "https://www.tenable.com/plugins/nessus/93088", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-5e24d8c350.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93088);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-6828\");\n script_xref(name:\"FEDORA\", value:\"2016-5e24d8c350\");\n\n script_name(english:\"Fedora 24 : kernel (2016-5e24d8c350)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.6.7 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-5e24d8c350\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-6828\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2016-5e24d8c350\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"kernel-4.6.7-300.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-21T14:16:43", "description": "The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option. (CVE-2016-6828)", "cvss3": {}, "published": "2019-03-06T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Kernel vulnerability (K62442245)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-6828"], "modified": "2020-03-25T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL62442245.NASL", "href": "https://www.tenable.com/plugins/nessus/122622", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K62442245.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122622);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/25\");\n\n script_cve_id(\"CVE-2016-6828\");\n\n script_name(english:\"F5 Networks BIG-IP : Kernel vulnerability (K62442245)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The tcp_check_send_head function in include/net/tcp.h in the Linux\nkernel before 4.7.5 does not properly maintain certain SACK state\nafter a failed data copy, which allows local users to cause a denial\nof service (tcp_xmit_retransmit_queue use-after-free and system crash)\nvia a crafted SACK option. (CVE-2016-6828)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K62442245\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K62442245.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K62442245\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"13.0.1\",\"13.0.0HF2\",\"12.1.2HF1\",\"11.6.2\",\"11.5.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"13.0.1\",\"13.0.0HF2\",\"12.1.2HF1\",\"11.6.2\",\"11.5.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"13.0.1\",\"13.0.0HF2\",\"12.1.2HF1\",\"11.6.2\",\"11.5.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"13.0.1\",\"13.0.0HF2\",\"12.1.2HF1\",\"11.6.2\",\"11.5.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"13.0.1\",\"13.0.0HF2\",\"12.1.2HF1\",\"11.6.2\",\"11.5.5\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"13.0.1\",\"13.0.0HF2\",\"12.1.2HF1\",\"11.6.2\",\"11.5.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\",\"11.2.1\",\"10.2.1-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"13.0.1\",\"13.0.0HF2\",\"12.1.2HF1\",\"11.6.2\",\"11.5.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.2\",\"11.6.0-11.6.1\",\"11.4.0-11.5.4\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"13.0.1\",\"13.0.0HF2\",\"12.1.2HF1\",\"11.6.2\",\"11.5.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:02:49", "description": "The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2777 advisory.\n\n - kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS (CVE-2018-20169)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-07-01T00:00:00", "type": "nessus", "title": "RHEL 6 : kernel-rt (RHSA-2020:2777)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20169"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel"], "id": "REDHAT-RHSA-2020-2777.NASL", "href": "https://www.tenable.com/plugins/nessus/138022", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2777. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138022);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2018-20169\");\n script_xref(name:\"RHSA\", value:\"2020:2777\");\n\n script_name(english:\"RHEL 6 : kernel-rt (RHSA-2020:2777)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:2777 advisory.\n\n - kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS (CVE-2018-20169)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-20169\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2777\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1660385\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20169\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '6')) audit(AUDIT_OS_NOT, 'Red Hat 6.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2018-20169');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2020:2777');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/mrg-g-execute/2/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/mrg-g-execute/2/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/mrg-g-execute/2/source/SRPMS',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/mrg-mgmt/2/debug',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/mrg-mgmt/2/os',\n 'content/dist/rhel/computenode/6/6ComputeNode/x86_64/mrg-mgmt/2/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-g-execute/2/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-g-execute/2/os',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-g-execute/2/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-g/2/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-g/2/os',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-g/2/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-m/2/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-m/2/os',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-m/2/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-mgmt/2/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-mgmt/2/os',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-mgmt/2/source/SRPMS',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-r/2/debug',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-r/2/os',\n 'content/dist/rhel/server/6/6Server/x86_64/mrg-r/2/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-rt-3.10.0-693.69.1.rt56.667.el6rt', 'cpu':'x86_64', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-debug-3.10.0-693.69.1.rt56.667.el6rt', 'cpu':'x86_64', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-debug-devel-3.10.0-693.69.1.rt56.667.el6rt', 'cpu':'x86_64', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-devel-3.10.0-693.69.1.rt56.667.el6rt', 'cpu':'x86_64', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-doc-3.10.0-693.69.1.rt56.667.el6rt', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-firmware-3.10.0-693.69.1.rt56.667.el6rt', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-trace-3.10.0-693.69.1.rt56.667.el6rt', 'cpu':'x86_64', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-trace-devel-3.10.0-693.69.1.rt56.667.el6rt', 'cpu':'x86_64', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-vanilla-3.10.0-693.69.1.rt56.667.el6rt', 'cpu':'x86_64', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'},\n {'reference':'kernel-rt-vanilla-devel-3.10.0-693.69.1.rt56.667.el6rt', 'cpu':'x86_64', 'release':'6', 'el_string':'el6rt', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'mrg-release'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-rt / kernel-rt-debug / kernel-rt-debug-devel / kernel-rt-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:20:33", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2770 advisory.\n\n - kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS (CVE-2018-20169)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-06-30T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2020:2770)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-20169"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.4", "cpe:/o:redhat:rhel_e4s:7.4", "cpe:/o:redhat:rhel_tus:7.4", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python-perf"], "id": "REDHAT-RHSA-2020-2770.NASL", "href": "https://www.tenable.com/plugins/nessus/137893", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2770. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137893);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2018-20169\");\n script_xref(name:\"RHSA\", value:\"2020:2770\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2020:2770)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:2770 advisory.\n\n - kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS (CVE-2018-20169)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-20169\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2770\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1660385\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-20169\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.4')) audit(AUDIT_OS_NOT, 'Red Hat 7.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2018-20169');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2020:2770');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.4/x86_64/debug',\n 'content/aus/rhel/server/7/7.4/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.4/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.4/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.4/x86_64/os',\n 'content/aus/rhel/server/7/7.4/x86_64/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.4/ppc64le/debug',\n 'content/e4s/rhel/power-le/7/7.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel/power-le/7/7.4/ppc64le/highavailability/os',\n 'content/e4s/rhel/power-le/7/7.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.4/ppc64le/optional/debug',\n 'content/e4s/rhel/power-le/7/7.4/ppc64le/optional/os',\n 'content/e4s/rhel/power-le/7/7.4/ppc64le/optional/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.4/ppc64le/os',\n 'content/e4s/rhel/power-le/7/7.4/ppc64le/sap-hana/debug',\n 'content/e4s/rhel/power-le/7/7.4/ppc64le/sap-hana/os',\n 'content/e4s/rhel/power-le/7/7.4/ppc64le/sap-hana/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.4/ppc64le/sap/debug',\n 'content/e4s/rhel/power-le/7/7.4/ppc64le/sap/os',\n 'content/e4s/rhel/power-le/7/7.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.4/ppc64le/source/SRPMS',\n 'content/e4s/rhel/server/7/7.4/x86_64/debug',\n 'content/e4s/rhel/server/7/7.4/x86_64/highavailability/debug',\n 'content/e4s/rhel/server/7/7.4/x86_64/highavailability/os',\n 'content/e4s/rhel/server/7/7.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel/server/7/7.4/x86_64/optional/debug',\n 'content/e4s/rhel/server/7/7.4/x86_64/optional/os',\n 'content/e4s/rhel/server/7/7.4/x86_64/optional/source/SRPMS',\n 'content/e4s/rhel/server/7/7.4/x86_64/os',\n 'content/e4s/rhel/server/7/7.4/x86_64/sap-hana/debug',\n 'content/e4s/rhel/server/7/7.4/x86_64/sap-hana/os',\n 'content/e4s/rhel/server/7/7.4/x86_64/sap-hana/source/SRPMS',\n 'content/e4s/rhel/server/7/7.4/x86_64/sap/debug',\n 'content/e4s/rhel/server/7/7.4/x86_64/sap/os',\n 'content/e4s/rhel/server/7/7.4/x86_64/sap/source/SRPMS',\n 'content/e4s/rhel/server/7/7.4/x86_64/source/SRPMS',\n 'content/tus/rhel/server/7/7.4/x86_64/debug',\n 'content/tus/rhel/server/7/7.4/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.4/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.4/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.4/x86_64/os',\n 'content/tus/rhel/server/7/7.4/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-3.10.0-693.69.1.el7', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-bootwrapper-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-693.69.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-bootwrapper / kernel-debug / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:25:13", "description": "Contains several backported bugfixes, including the fix for CVE-2017-1000405\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-12-05T00:00:00", "type": "nessus", "title": "Fedora 26 : kernel (2017-9ea11e444d) (Dirty COW)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000405"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-9EA11E444D.NASL", "href": "https://www.tenable.com/plugins/nessus/105013", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-9ea11e444d.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105013);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000405\");\n script_xref(name:\"FEDORA\", value:\"2017-9ea11e444d\");\n\n script_name(english:\"Fedora 26 : kernel (2017-9ea11e444d) (Dirty COW)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Contains several backported bugfixes, including the fix for\nCVE-2017-1000405\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-9ea11e444d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/05\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-1000405\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2017-9ea11e444d\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"kernel-4.13.16-202.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:54", "description": "Contains several backported bugfixes, including the fix for CVE-2017-1000405\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-01-15T00:00:00", "type": "nessus", "title": "Fedora 27 : kernel (2017-b0c1f44130) (Dirty COW)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000405"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:27"], "id": "FEDORA_2017-B0C1F44130.NASL", "href": "https://www.tenable.com/plugins/nessus/105954", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-b0c1f44130.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105954);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000405\");\n script_xref(name:\"FEDORA\", value:\"2017-b0c1f44130\");\n\n script_name(english:\"Fedora 27 : kernel (2017-b0c1f44130) (Dirty COW)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Contains several backported bugfixes, including the fix for\nCVE-2017-1000405\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-b0c1f44130\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/15\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2017-1000405\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2017-b0c1f44130\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"kernel-4.13.16-302.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:55", "description": "Markus Franz Xaver Johannes Oberhumer reports, in the package's NEWS file :\n\nFixed a potential integer overflow condition in the 'safe' decompressor variants which could result in a possible buffer overrun when processing maliciously crafted compressed input data.\n\nAs this issue only affects 32-bit systems and also can only happen if you use uncommonly huge buffer sizes where you have to decompress more than 16 MiB (2^24 bytes) compressed bytes within a single function call, the practical implications are limited.", "cvss3": {}, "published": "2014-06-27T00:00:00", "type": "nessus", "title": "FreeBSD : LZO -- potential buffer overrun when processing malicious input data (d1f5e12a-fd5a-11e3-a108-080027ef73ec)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-4608"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:busybox", "p-cpe:/a:freebsd:freebsd:lzo2", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_D1F5E12AFD5A11E3A108080027EF73EC.NASL", "href": "https://www.tenable.com/plugins/nessus/76269", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76269);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-4608\");\n\n script_name(english:\"FreeBSD : LZO -- potential buffer overrun when processing malicious input data (d1f5e12a-fd5a-11e3-a108-080027ef73ec)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Markus Franz Xaver Johannes Oberhumer reports, in the package's NEWS\nfile :\n\nFixed a potential integer overflow condition in the 'safe'\ndecompressor variants which could result in a possible buffer overrun\nwhen processing maliciously crafted compressed input data.\n\nAs this issue only affects 32-bit systems and also can only happen if\nyou use uncommonly huge buffer sizes where you have to decompress more\nthan 16 MiB (2^24 bytes) compressed bytes within a single function\ncall, the practical implications are limited.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.oberhumer.com/opensource/lzo/download/lzo-2.07.tar.gz\"\n );\n # https://vuxml.freebsd.org/freebsd/d1f5e12a-fd5a-11e3-a108-080027ef73ec.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c1a4531d\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:busybox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:lzo2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"lzo2<2.07\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"busybox<1.22.1_2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:19:41", "description": "The report_fixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c.\n(CVE-2014-3184)\n\nImpact\n\nAn attacker may be able to gain access to unauthorized information, perform unauthorized modification of data, or cause disruption of services. This vulnerability requires physical access to the device.", "cvss3": {}, "published": "2017-10-27T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K74413297)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3184"], "modified": "2021-03-10T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL74413297.NASL", "href": "https://www.tenable.com/plugins/nessus/104194", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K74413297.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(104194);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/10\");\n\n script_cve_id(\"CVE-2014-3184\");\n script_bugtraq_id(69768);\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K74413297)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The report_fixup functions in the HID subsystem in the Linux kernel\nbefore 3.16.2 might allow physically proximate attackers to cause a\ndenial of service (out-of-bounds write) via a crafted device that\nprovides a small report descriptor, related to (1)\ndrivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3)\ndrivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5)\ndrivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c.\n(CVE-2014-3184)\n\nImpact\n\nAn attacker may be able to gain access to unauthorized information,\nperform unauthorized modification of data, or cause disruption of\nservices. This vulnerability requires physical access to the device.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K74413297\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K74413297.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/10/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K74413297\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.1\",\"11.5.1-11.5.4\",\"11.2.1\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.0-12.1.2\",\"11.6.2\",\"11.5.5\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.1\",\"11.5.1-11.5.4\",\"11.2.1\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.0-12.1.2\",\"11.6.2\",\"11.5.5\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.1\",\"11.5.1-11.5.4\",\"11.2.1\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.0-12.1.2\",\"11.6.2\",\"11.5.5\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.1\",\"11.5.1-11.5.4\",\"11.2.1\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.0-12.1.2\",\"11.6.2\",\"11.5.5\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.1\",\"11.5.1-11.5.4\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.0-12.1.2\",\"11.6.2\",\"11.5.5\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.6.1\",\"11.5.1-11.5.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.6.2\",\"11.5.5\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.1\",\"11.5.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.0-12.1.2\",\"11.6.2\",\"11.5.5\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.1\",\"11.5.1-11.5.4\",\"11.2.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.0-12.1.2\",\"11.6.2\",\"11.5.5\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"12.0.0\",\"11.6.1\",\"11.5.1-11.5.4\",\"11.2.1\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"13.0.0\",\"12.1.0-12.1.2\",\"11.6.2\",\"11.5.5\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2021-08-19T12:22:27", "description": "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size. (CVE-2018-5391 also known as FragmentSmack)\n\nImpact\n\nFor products with vulnerable versions, this vulnerability allows a remote attacker to disrupt service. This vulnerability affects only the BIG-IP management port.\n\nFor products with None in the Versions known to be vulnerable column, there is no impact.", "cvss3": {}, "published": "2019-05-29T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K74374841)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5391"], "modified": "2020-05-01T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL74374841.NASL", "href": "https://www.tenable.com/plugins/nessus/125484", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K74374841.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125484);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/01\");\n\n script_cve_id(\"CVE-2018-5391\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K74374841)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Linux kernel, versions 3.9+, is vulnerable to a denial of service\nattack with low rates of specially modified packets targeting IP\nfragment re-assembly. An attacker may cause a denial of service\ncondition by sending specially crafted IP fragments. Various\nvulnerabilities in IP fragmentation have been discovered and fixed\nover the years. The current vulnerability (CVE-2018-5391) became\nexploitable in the Linux kernel with the increase of the IP fragment\nreassembly queue size. (CVE-2018-5391 also known as FragmentSmack)\n\nImpact\n\nFor products with vulnerable versions, this vulnerability allows a\nremote attacker to disrupt service. This vulnerability affects only\nthe BIG-IP management port.\n\nFor products with None in the Versions known to be vulnerable column,\nthere is no impact.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K74374841\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K74374841.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K74374841\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"14.1.0-14.1.2\",\"13.0.0-13.1.1\",\"12.1.0-12.1.4\",\"11.5.1-11.6.5\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.2.4\",\"13.1.3\",\"12.1.5\",\"11.6.5.1\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"14.1.0-14.1.2\",\"13.0.0-13.1.1\",\"12.1.0-12.1.4\",\"11.5.1-11.6.5\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.2.4\",\"13.1.3\",\"12.1.5\",\"11.6.5.1\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"14.1.0-14.1.2\",\"13.0.0-13.1.1\",\"12.1.0-12.1.4\",\"11.5.1-11.6.5\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.2.4\",\"13.1.3\",\"12.1.5\",\"11.6.5.1\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"14.1.0-14.1.2\",\"13.0.0-13.1.1\",\"12.1.0-12.1.4\",\"11.5.1-11.6.5\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.2.4\",\"13.1.3\",\"12.1.5\",\"11.6.5.1\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"14.1.0-14.1.2\",\"13.0.0-13.1.1\",\"12.1.0-12.1.4\",\"11.5.1-11.6.5\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.2.4\",\"13.1.3\",\"12.1.5\",\"11.6.5.1\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"14.1.0-14.1.2\",\"13.0.0-13.1.1\",\"12.1.0-12.1.4\",\"11.5.1-11.6.5\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.2.4\",\"13.1.3\",\"12.1.5\",\"11.6.5.1\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"14.1.0-14.1.2\",\"13.0.0-13.1.1\",\"12.1.0-12.1.4\",\"11.5.1-11.6.5\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.2.4\",\"13.1.3\",\"12.1.5\",\"11.6.5.1\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"14.1.0-14.1.2\",\"13.0.0-13.1.1\",\"12.1.0-12.1.4\",\"11.5.1-11.6.5\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.2.4\",\"13.1.3\",\"12.1.5\",\"11.6.5.1\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"14.1.0-14.1.2\",\"13.0.0-13.1.1\",\"12.1.0-12.1.4\",\"11.5.1-11.6.5\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.2.4\",\"13.1.3\",\"12.1.5\",\"11.6.5.1\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"14.1.0-14.1.2\",\"13.0.0-13.1.1\",\"12.1.0-12.1.4\",\"11.5.1-11.6.5\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"15.0.0\",\"14.1.2.4\",\"13.1.3\",\"12.1.5\",\"11.6.5.1\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-05-18T14:56:19", "description": "The version of Arista Networks EOS running on the remote device is affected by a denial of service (DoS) vulnerability.\nThe Linux kernel is vulnerable to a DoS attack with low rates of specially modified packets targeting IP fragment re-assembly. An remote, unauthenticated attacker can cause a DoS condition by sending specially crafted IP fragments.\nThis vulnerability is caused by the increase of the IP fragment reassembly queue size in the Linux kernel.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-02-24T00:00:00", "type": "nessus", "title": "Arista Networks EOS/vEOS IP fragment DoS (SA0037)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5391"], "modified": "2020-02-25T00:00:00", "cpe": ["cpe:/o:arista:eos"], "id": "ARISTA_EOS_SA0037.NASL", "href": "https://www.tenable.com/plugins/nessus/133862", "sourceData": "#TRUSTED 1dc3817f25b5647695f6b3b50cd46c9be469a99056a9b6302b4fdae4a8aef3165c23730aa4b56135d1fd6e8b958ac32deca570e1e1fdca1d1ce75d25067ddcd1d6219b733d772f8a73ff397e0339244cdfd6e142011db4b33e007bd975f8983050987bac9cf2fa0a709d4a1485baf726bec1677f368d799e4cd2d26e6e6b4234da606d44ae22a119574b1130deef39e99d50b5532f95f7adfe5a67c8b4b5a0beb04422efbda190a9ab7aa862a075a1748d552f3a65b86bfa4d6078e77d78af7df87f8bf6ca373c2079926e1821aa66a442782ed94874de6836156df82acacd315ac667720100f9c4cfee0860f251492555414eaba57d23a60e3753335b8f8c7dc4e1c628c6739f98d24d62dbf13cba9dd3f6d4b967f66c150baba5c5baf681a6d9f112fd47c038f7eedb4d20c133bc7b5311c038c824364f4198ec100d1d76d698c632d9c5db8eb5ac8868434b6dffe6b2fe1e09bf35cd8e3e6b13da91a3f507b059e974cffb529555a82b9f00fb57a4052c550e8ca67a0a1cd647e4bfb790b3829906a91cbea3e4c27af9c6bf18f1a663d2c0eb1cc40b6f6b771c3ccf69fe314377bcdc244f9301cbd0b4538cbee2b5c5936c4420ebc267d0a63801a3ccd9f14b3d0a664bbcb79e4074a0d51e5ee3838d426e8cfbe80715b2618c81e22049f159a6c0d22484e036a697708d04c03e58ae97549ce76ea704ff40291a94c7c081\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(133862);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/25\");\n\n script_cve_id(\"CVE-2018-5391\");\n\n script_name(english:\"Arista Networks EOS/vEOS IP fragment DoS (SA0037)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Arista Networks EOS running on the remote device is affected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Arista Networks EOS running on the remote device is affected by a denial of service (DoS) vulnerability.\nThe Linux kernel is vulnerable to a DoS attack with low rates of specially modified packets targeting IP fragment\nre-assembly. An remote, unauthenticated attacker can cause a DoS condition by sending specially crafted IP fragments.\nThis vulnerability is caused by the increase of the IP fragment reassembly queue size in the Linux kernel.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://www.arista.com/en/support/advisories-notices/security-advisories/5782-security-advisory-37\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5c910c33\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Arista Networks EOS version 4.21.2.3F / 4.20.9M / 4.21.1F or later. Alternatively, apply the patch\nreferenced in the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-5391\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:arista:eos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"arista_eos_detect.nbin\");\n script_require_keys(\"Host/Arista-EOS/Version\", \"Host/Arista-EOS/model\");\n\n exit(0);\n}\n\n\ninclude('arista_eos_func.inc');\n\nversion = get_kb_item_or_exit('Host/Arista-EOS/Version');\nmodel = get_kb_item_or_exit('Host/Arista-EOS/model');\n\nvmatrix = make_array();\nif (model == 'vEOS')\n{\n vmatrix['F'] = make_list('4.20.5');\n vmatrix['misc'] = make_list('4.20.6FX-Virtual-Router', '4.20.1FX-Virtual-Router');\n}\nelse\n{\n vmatrix['F'] = make_list('4.20.0',\n '4.20.1',\n '4.20.2',\n '4.20.2.1',\n '4.20.3',\n '4.20.4',\n '4.20.4.1',\n '4.20.5',\n '4.20.5.1',\n '4.20.5.2',\n '4.20.6',\n '4.21.0');\n\n vmatrix['M'] = make_list('4.20.7',\n '4.20.8');\n}\nvmatrix['fix'] = 'Apply one of the vendor supplied patches or mitigations or upgrade to EOS 4.21.2.3F / 4.20.9M / 4.21.1F or later';\n\next='SecurityAdvisory0037Hotfix.rpm 1.0.0/eng';\nsha='5a629438fd9988bb2ad8ece630355a033997200febf723ab531825f33b355c647b14957983fda91a131c6dc1d31f78fc0bee8fb092e6d17d6c9036921f7e6849';\n\nif(eos_extension_installed(ext:ext, sha:sha))\n exit(0, 'The Arista device is not vulnerable, as a relevant hotfix has been installed.');\n\nif (eos_is_affected(vmatrix:vmatrix, version:version))\n security_report_v4(severity:SECURITY_HOLE, port:0, extra:eos_report_get());\nelse\n audit(AUDIT_INST_VER_NOT_VULN, 'Arista Networks EOS', version);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:53", "description": "The version of Palo Alto Networks PAN-OS running on the remote host is 6.0.x prior to 6.1.22 or 7.1.x prior to 7.1.22 or 8.0.x prior to 8.0.13 or 8.1.x prior to 8.1.5. It is, therefore, affected by multiple vulnerabilities :\n\n - Management Plane of Palo Alto PAN-OS is affected by FragmentSmack vulnerability. A remote attacker could send specially crafted packets which can trigger CPU saturation (a denial of service on the system).\n (CVE-2018-5391)", "cvss3": {}, "published": "2019-02-19T00:00:00", "type": "nessus", "title": "Palo Alto Networks PAN-OS 6.1.x < 6.1.22 / 7.1.x < 7.1.20 / 8.0.x < 8.0.13 / 8.1.x < 8.1.5 Multiple Vulnerabilities (PAN-SA-2018-0012)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5391"], "modified": "2021-04-01T00:00:00", "cpe": ["cpe:/o:paloaltonetworks:pan-os"], "id": "PALO_ALTO_PAN-SA-2018-0012.NASL", "href": "https://www.tenable.com/plugins/nessus/122259", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122259);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/01\");\n\n script_cve_id(\"CVE-2018-5391\");\n script_bugtraq_id(105108);\n\n script_name(english:\"Palo Alto Networks PAN-OS 6.1.x < 6.1.22 / 7.1.x < 7.1.20 / 8.0.x < 8.0.13 / 8.1.x < 8.1.5 Multiple Vulnerabilities (PAN-SA-2018-0012)\");\n script_summary(english:\"Checks the PAN-OS version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Palo Alto Networks PAN-OS running on the remote host is\n6.0.x prior to 6.1.22 or 7.1.x prior to 7.1.22 or 8.0.x prior to 8.0.13 \nor 8.1.x prior to 8.1.5. It is, therefore, affected by multiple \nvulnerabilities :\n\n - Management Plane of Palo Alto PAN-OS is affected by FragmentSmack\n vulnerability. A remote attacker could send specially crafted packets\n which can trigger CPU saturation (a denial of service on the system).\n (CVE-2018-5391)\");\n # https://securityadvisories.paloaltonetworks.com/Home/Detail/131\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d2dfafb7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Palo Alto Networks PAN-OS version 6.1.22 / 7.1.22 / 8.0.13 / 8.1.5 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-5391\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:paloaltonetworks:pan-os\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Palo Alto Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"palo_alto_version.nbin\");\n script_require_keys(\"Host/Palo_Alto/Firewall/Version\", \"Host/Palo_Alto/Firewall/Full_Version\", \"Host/Palo_Alto/Firewall/Source\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('vcf_extras.inc');\n\nvcf::palo_alto::initialize();\n\napp_name = 'Palo Alto Networks PAN-OS';\n\napp_info = vcf::get_app_info(app:app_name, kb_ver:'Host/Palo_Alto/Firewall/Full_Version', kb_source:'Host/Palo_Alto/Firewall/Source');\n\nvcf::check_granularity(app_info:app_info, sig_segments:2);\n\nconstraints = [\n { 'min_version' : '6.1', 'fixed_version' : '6.1.22' },\n { 'min_version' : '7.1', 'fixed_version' : '7.1.20' },\n { 'min_version' : '8.0', 'fixed_version' : '8.0.13' },\n { 'min_version' : '8.1', 'fixed_version' : '8.1.5' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:42:14", "description": "This update for the Linux Kernel 4.4.121-92_73 fixes one issue.\n\nThe following security issue was fixed :\n\nCVE-2018-5391: Fixed a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may have caused a denial of service condition by sending specially crafted IP fragments. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size (bsc#1103098).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-11-19T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3792-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5391"], "modified": "2021-04-08T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_114-92_64-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_114-92_67-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_120-92_70-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_73-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_80-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_85-default", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2018-3792-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119036", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:3792-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119036);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/08\");\n\n script_cve_id(\"CVE-2018-5391\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3792-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for the Linux Kernel 4.4.121-92_73 fixes one issue.\n\nThe following security issue was fixed :\n\nCVE-2018-5391: Fixed a denial of service attack with low rates of\nspecially modified packets targeting IP fragment re-assembly. An\nattacker may have caused a denial of service condition by sending\nspecially crafted IP fragments. The current vulnerability\n(CVE-2018-5391) became exploitable in the Linux kernel with the\nincrease of the IP fragment reassembly queue size (bsc#1103098).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1103098\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-5391/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20183792-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7232d5e0\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2018-2689=1 SUSE-SLE-SAP-12-SP2-2018-2690=1\nSUSE-SLE-SAP-12-SP2-2018-2691=1 SUSE-SLE-SAP-12-SP2-2018-2692=1\nSUSE-SLE-SAP-12-SP2-2018-2693=1 SUSE-SLE-SAP-12-SP2-2018-2697=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2018-2689=1 SUSE-SLE-SERVER-12-SP2-2018-2690=1\nSUSE-SLE-SERVER-12-SP2-2018-2691=1 SUSE-SLE-SERVER-12-SP2-2018-2692=1\nSUSE-SLE-SERVER-12-SP2-2018-2693=1 SUSE-SLE-SERVER-12-SP2-2018-2697=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_114-92_64-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_114-92_67-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_120-92_70-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_73-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_80-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_121-92_85-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_114-92_64-default-9-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_114-92_67-default-9-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_120-92_70-default-8-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_73-default-7-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_80-default-7-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kgraft-patch-4_4_121-92_85-default-5-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-21T14:16:40", "description": "A denial of service (DoS) vulnerability exists in the Cisco IOS XE Software due to a Linux Kernel IP fragment reassembly vulnerability, known as FragmentSmack.\nAn unauthenticated, remote attacker can exploit this issue, via stream of fragmented IPv4 or IPv6 packets, to cause the affected device to stop responding.", "cvss3": {}, "published": "2019-03-29T00:00:00", "type": "nessus", "title": "Cisco IOS XE Software Linux Kernel IP Fragment DoS (cisco-sa-20180824-linux-ip-fragment)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5391"], "modified": "2021-06-28T00:00:00", "cpe": ["cpe:/o:cisco:ios_xe"], "id": "CISCO-SA-20180824-IOSXE.NASL", "href": "https://www.tenable.com/plugins/nessus/123515", "sourceData": "#TRUSTED 5e5cbfc82b03ef9825fd93c05682f4b9f688c8d1b705ea0fc3ebc37791f5bf08a3bcdbaa7738d431320f2224a12ec9253736854f00da190f4fac1a662abf91c89eeb3b6e3b69fa442be1116612be6c75b3571610969177b7d6af81d7136e336ae1290c87f8db802648347e6f18eb029c1143957866ebfc7e595841031134d87fb46e66bccc27716643ffad7cb0b289ded330ca49f21d5412a39e1153e1150a132b57e8098a15860e3202975b86d64599108d97d632379dcfecfe9a51cf11e850ca957ab769cd1b4e13489de017e3505f11bdc5019ebabfe0d37bc120f806d9fe0fff83a19ed5b845db2b9589cbe49c5b4c20c22eae01cef4d039eac5574816a3d6a1375a0e4c0f52d684e78926724586914a4901f14b752dcf9033ebaaa48b855022ccf2a042885b95bea6685b47cf47ab2aa10b8316542b504a19efcbb21e878d5879878fb1fb845a7529c79cb7e0bf8869d6d8ccfaca2ec9419d326b07462ff0313d12e5a88abd9d609e88f5f030c094e6634d00cff9e3f4321bd041e439d53a85720cafdcfe2db3fabcf016a6cc18543bc034c883c13d09b7abadd45b103150319f9cccd435ef65c08f74e6862d30d8250f687306a474a60c770dc5c6b2e86856ccd90a2a83b2e20b0191910b1782c643ad572560574439c977e22bd0b43b253e3192651f8c6f85aa2f1eaefc8b7139e0309d6c4dd44581bab9126438ccc7\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123515);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/28\");\n\n script_cve_id(\"CVE-2018-5391\");\n script_bugtraq_id(105108);\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCvm09121\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20180824-linux-ip-fragment\");\n\n script_name(english:\"Cisco IOS XE Software Linux Kernel IP Fragment DoS (cisco-sa-20180824-linux-ip-fragment)\");\n script_summary(english:\"Checks the IOS XE version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"A denial of service (DoS) vulnerability exists in the Cisco IOS XE Software\ndue to a Linux Kernel IP fragment reassembly vulnerability, known as FragmentSmack.\nAn unauthenticated, remote attacker can exploit this issue, via stream of\nfragmented IPv4 or IPv6 packets, to cause the affected device to stop responding.\");\n # https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm09121\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cbe6eee5\");\n # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-ip-fragment\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8d625ffb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to the relevant fixed version referenced in Cisco bug ID(s)\nCSCvm09121.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-5391\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:cisco:ios_xe\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CISCO\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"cisco_ios_xe_version.nasl\");\n script_require_keys(\"Host/Cisco/IOS-XE/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"cisco_workarounds.inc\");\ninclude(\"ccf.inc\");\n\nproduct_info = cisco::get_product_info(name:\"Cisco IOS XE Software\");\n\nversion_list = make_list(\n '16.4',\n '16.6.1',\n '16.6.2',\n '16.6.4',\n '16.7.1',\n '16.8.2',\n '16.3.1',\n '16.3.2',\n '16.3.3',\n '16.3.4',\n '16.3.5',\n '16.3.6',\n '16.3.7',\n '16.5.1',\n '16.6.1',\n '16.8.1',\n '16.9.1'\n );\n\nreporting = make_array(\n 'port' , product_info['port'], \n 'severity' , SECURITY_HOLE,\n 'version' , product_info['version'],\n 'bug_id' , 'CSCvm09121'\n);\n\ncisco::check_and_report(product_info:product_info, reporting:reporting, vuln_versions:version_list);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:19:14", "description": "The version of Arista Networks CloudVision Portal running on the remote device is affected by a denial of service (DoS) vulnerability. The Linux kernel is vulnerable to a DoS attack with low rates of specially modified packets targeting IP fragment re-assembly. An remote, unauthenticated attacker can cause a DoS condition by sending specially crafted IP fragments. This vulnerability is caused by the increase of the IP fragment reassembly queue size in the Linux kernel.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. To retrieve patch level information this plugin requires the HTTP credentials of the web console.", "cvss3": {}, "published": "2020-07-09T00:00:00", "type": "nessus", "title": "Arista Networks Networks CloudVision Portal IP fragment DoS (SA0037)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5391"], "modified": "2020-07-10T00:00:00", "cpe": ["cpe:/a:arista:cloudvision_portal"], "id": "ARISTA_CVP_SA0037.NASL", "href": "https://www.tenable.com/plugins/nessus/138338", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138338);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/10\");\n\n script_cve_id(\"CVE-2018-5391\");\n\n script_name(english:\"Arista Networks Networks CloudVision Portal IP fragment DoS (SA0037)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Arista Networks CloudVision Portal running on the remote device is affected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Arista Networks CloudVision Portal running on the remote device is affected by a denial of service\n(DoS) vulnerability. The Linux kernel is vulnerable to a DoS attack with low rates of specially modified packets\ntargeting IP fragment re-assembly. An remote, unauthenticated attacker can cause a DoS condition by sending specially\ncrafted IP fragments. This vulnerability is caused by the increase of the IP fragment reassembly queue size in the Linux\nkernel.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber. To retrieve patch level information this plugin requires the HTTP credentials of the web console.\");\n # https://www.arista.com/en/support/advisories-notices/security-advisories/5782-security-advisory-37\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5c910c33\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to a fixed version or apply the mitigation as referenced in the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-5391\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:arista:cloudvision_portal\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"arista_cloudvision_portal_detect.nbin\");\n script_require_keys(\"installed_sw/Arista CloudVision Portal\");\n\n exit(0);\n}\ninclude('http.inc');\ninclude('vcf.inc');\n\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nport = get_http_port(default:443);\napp = 'Arista CloudVision Portal';\n\napp_info = vcf::get_app_info(app:app, port:port, webapp:TRUE);\n\nversion_list = make_list(\n '2015.1.2',\n '2015.1.1',\n '2016.1.2.3',\n '2016.1.2.1',\n '2016.1.2',\n '2016.1.1',\n '2016.1.0',\n '2017.2.3',\n '2017.2.2',\n '2017.2.1',\n '2017.2.0',\n '2017.1.1.1',\n '2017.1.1',\n '2017.1.0.1',\n '2017.1.0',\n '2018.1.2.1',\n '2018.1.2',\n '2018.1.1',\n '2018.1.0'\n);\n\nvuln = FALSE;\nforeach version (version_list)\n{\n if (app_info['version'] == version)\n {\n vuln = TRUE;\n break;\n }\n}\n\nif (!vuln)\n audit(AUDIT_WEB_APP_NOT_AFFECTED, app_info.app, build_url2(qs:app_info.path, port:app_info.port), app_info.version);\n\nconstraints = [\n {'min_version' : '2015.1.1', 'fixed_version':'2018.2.0'}\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_HOLE\n);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:39:54", "description": "- CVE-2018-5391 (FragmentSmack) Juha-Matti Tilli discovered a flaw in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker can take advantage of this flaw to trigger time and calculation expensive fragment reassembly algorithms by sending specially crafted packets, leading to remote denial of service.\n\n This is mitigated by reducing the default limits on memory usage for incomplete fragmented packets. The same mitigation can be achieved without the need to reboot, by setting the sysctls :\n\n net.ipv4.ipfrag_low_thresh = 196608 net.ipv6.ip6frag_low_thresh = 196608 net.ipv4.ipfrag_high_thresh = 262144 net.ipv6.ip6frag_high_thresh = 262144\n\n The default values may still be increased by local configuration if necessary.", "cvss3": {}, "published": "2018-08-15T00:00:00", "type": "nessus", "title": "Debian DSA-4272-1 : linux - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5391"], "modified": "2019-07-15T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4272.NASL", "href": "https://www.tenable.com/plugins/nessus/111707", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4272. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111707);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/07/15 14:20:30\");\n\n script_cve_id(\"CVE-2018-5391\");\n script_xref(name:\"DSA\", value:\"4272\");\n\n script_name(english:\"Debian DSA-4272-1 : linux - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"- CVE-2018-5391 (FragmentSmack)\n Juha-Matti Tilli discovered a flaw in the way the Linux\n kernel handled reassembly of fragmented IPv4 and IPv6\n packets. A remote attacker can take advantage of this\n flaw to trigger time and calculation expensive fragment\n reassembly algorithms by sending specially crafted\n packets, leading to remote denial of service.\n\n This is mitigated by reducing the default limits on memory usage for\n incomplete fragmented packets. The same mitigation can be achieved\n without the need to reboot, by setting the sysctls :\n\n net.ipv4.ipfrag_low_thresh = 196608 net.ipv6.ip6frag_low_thresh =\n 196608 net.ipv4.ipfrag_high_thresh = 262144\n net.ipv6.ip6frag_high_thresh = 262144\n\n The default values may still be increased by local configuration if\n necessary.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2018-5391\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4272\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux packages.\n\nFor the stable distribution (stretch), this problem has been fixed in\nversion 4.9.110-3+deb9u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"hyperv-daemons\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcpupower-dev\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libcpupower1\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libusbip-dev\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-arm\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-s390\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-compiler-gcc-6-x86\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-cpupower\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-doc-4.9\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-4kc-malta\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-5kc-malta\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-686\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-686-pae\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-amd64\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-arm64\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-armel\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-armhf\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-i386\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mips\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mips64el\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-mipsel\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-ppc64el\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-all-s390x\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-amd64\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-arm64\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-armmp\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-armmp-lpae\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-common\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-common-rt\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-loongson-3\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-marvell\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-octeon\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-powerpc64le\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-rt-686-pae\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-rt-amd64\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-headers-4.9.0-9-s390x\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-4kc-malta\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-4kc-malta-dbg\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-5kc-malta\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-5kc-malta-dbg\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-dbg\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-pae\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-686-pae-dbg\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-amd64\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-amd64-dbg\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-arm64\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-arm64-dbg\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-dbg\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-lpae\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-armmp-lpae-dbg\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-loongson-3\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-loongson-3-dbg\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-marvell\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-marvell-dbg\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-octeon\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-octeon-dbg\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-powerpc64le\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-powerpc64le-dbg\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-686-pae\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-686-pae-dbg\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-amd64\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-rt-amd64-dbg\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-s390x\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-image-4.9.0-9-s390x-dbg\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-kbuild-4.9\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-libc-dev\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-manual-4.9\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-perf-4.9\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-source-4.9\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"linux-support-4.9.0-9\", reference:\"4.9.110-3+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"usbip\", reference:\"4.9.110-3+deb9u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:44:52", "description": "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.", "cvss3": {}, "published": "2023-04-11T00:00:00", "type": "nessus", "title": "Siemens (CVE-2018-5391)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5391"], "modified": "2023-04-27T00:00:00", "cpe": ["cpe:/o:siemens:scalance_w700_series_firmware", "cpe:/o:siemens:scalance_s615_firmware", "cpe:/o:siemens:simatic_net_cp_1543-1_firmware", "cpe:/o:siemens:simatic_net_cp_1243-1_firmware", "cpe:/o:siemens:simatic_net_cp_1243-8_irc_firmware", "cpe:/o:siemens:simatic_net_cp_1542sp-1_irc_firmware", "cpe:/o:siemens:simatic_net_cp_1543sp-1_firmware", "cpe:/o:siemens:simatic_net_cp_1242-7_firmware", "cpe:/o:siemens:simatic_net_cp_1243-7_lte_eu_firmware", "cpe:/o:siemens:simatic_net_cp_1243-7_lte_us_firmware", "cpe:/o:siemens:simatic_net_cp_1542sp-1_firmware", "cpe:/o:siemens:scalance_m-800_series_firmware", "cpe:/o:siemens:scalance_sc-600_series_firmware", "cpe:/o:siemens:scalance_w1700_series_firmware"], "id": "TENABLE_OT_SIEMENS_CVE-2018-5391.NASL", "href": "https://www.tenable.com/plugins/ot/500995", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(500995);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/27\");\n\n script_cve_id(\"CVE-2018-5391\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:2948\");\n script_xref(name:\"DSA\", value:\"DSA-4272\");\n script_xref(name:\"USN\", value:\"USN-3742-2\");\n script_xref(name:\"USN\", value:\"USN-3742-1\");\n script_xref(name:\"USN\", value:\"USN-3741-2\");\n script_xref(name:\"USN\", value:\"USN-3741-1\");\n script_xref(name:\"USN\", value:\"USN-3741-1\");\n script_xref(name:\"USN\", value:\"USN-3740-2\");\n script_xref(name:\"USN\", value:\"USN-3740-1\");\n script_xref(name:\"USN\", value:\"USN-3740-1\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:2791\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:2785\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:2785\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:2846\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:2933\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:2933\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:2925\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:2924\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:3096\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:3096\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:3083\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:3083\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:3459\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:3590\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:3590\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:3586\");\n script_xref(name:\"RHSA\", value:\"RHSA-2018:3540\");\n\n script_name(english:\"Siemens (CVE-2018-5391)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote OT asset is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Linux kernel, versions 3.9+, is vulnerable to a denial of service\nattack with low rates of specially modified packets targeting IP\nfragment re-assembly. An attacker may cause a denial of service\ncondition by sending specially crafted IP fragments. Various\nvulnerabilities in IP fragmentation have been discovered and fixed\nover the years. The current vulnerability (CVE-2018-5391) became\nexploitable in the Linux kernel with the increase of the IP fragment\nreassembly queue size.\n\nThis plugin only works with Tenable.ot.\nPlease visit https://www.tenable.com/products/tenable-ot for more information.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.kb.cert.org/vuls/id/641765\");\n # https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=c30f1fc041b74ecdb072dd44f858750414b8b19f\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?fbfb7b03\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2018/dsa-4272\");\n script_set_attribute(attribute:\"see_also\", value:\"https://usn.ubuntu.com/3742-2/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://usn.ubuntu.com/3742-1/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://usn.ubuntu.com/3741-2/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://usn.ubuntu.com/3741-1/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://usn.ubuntu.com/3740-2/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://usn.ubuntu.com/3740-1/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.debian.org/debian-lts-announce/2018/08/msg00014.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securitytracker.com/id/1041476\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/bid/105108\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-004.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securitytracker.com/id/1041637\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:2791\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:2785\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.netapp.com/advisory/ntap-20181003-0002/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:2846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:2933\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:2925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:2924\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:3096\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:3083\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:2948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:3459\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:3590\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:3586\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2018:3540\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.openwall.com/lists/oss-security/2019/06/28/2\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.openwall.com/lists/oss-security/2019/07/06/3\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.openwall.com/lists/oss-security/2019/07/06/4\");\n # https://support.f5.com/csp/article/K74374841?utm_source=f5support&utm_medium=RSS\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a9deb46b\");\n # http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-linux-en\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?13522391\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cert-portal.siemens.com/productcert/pdf/ssa-377115.pdf\");\n script_set_attribute(attribute:\"solution\", value:\n\"Refer to the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-5391\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/04/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:scalance_m-800_series_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:scalance_s615_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:scalance_sc-600_series_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:scalance_w1700_series_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:scalance_w700_series_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_net_cp_1242-7_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_net_cp_1243-1_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_net_cp_1243-7_lte_eu_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_net_cp_1243-7_lte_us_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_net_cp_1243-8_irc_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_net_cp_1542sp-1_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_net_cp_1542sp-1_irc_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_net_cp_1543-1_firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:siemens:simatic_net_cp_1543sp-1_firmware\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"former\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Tenable.ot\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tenable_ot_api_integration.nasl\");\n script_require_keys(\"Tenable.ot/Siemens\");\n\n exit(0);\n}\n\n\ninclude('tenable_ot_cve_funcs.inc');\n\nget_kb_item_or_exit('Tenable.ot/Siemens');\n\nvar asset = tenable_ot::assets::get(vendor:'Siemens');\n\nvar vuln_cpes = {\n \"cpe:/o:siemens:scalance_m-800_series_firmware\" :\n {\"versionEndExcluding\" : \"6.1\", \"family\" : \"SCALANCEM\"},\n \"cpe:/o:siemens:scalance_s615_firmware\" :\n {\"versionEndExcluding\" : \"6.1\", \"family\" : \"SCALANCES\"},\n \"cpe:/o:siemens:scalance_sc-600_series_firmware\" :\n {\"versionEndExcluding\" : \"2.0\", \"family\" : \"SCALANCES\"},\n \"cpe:/o:siemens:scalance_w1700_series_firmware\" :\n {\"versionEndExcluding\" : \"2.0\", \"family\" : \"SCALANCEW\"},\n \"cpe:/o:siemens:scalance_w700_series_firmware\" :\n {\"versionEndExcluding\" : \"6.4\", \"family\" : \"SCALANCEW\"},\n \"cpe:/o:siemens:simatic_net_cp_1242-7_firmware\" :\n {\"versionEndExcluding\" : \"3.2\", \"family\" : \"S71200\"},\n \"cpe:/o:siemens:simatic_net_cp_1243-1_firmware\" :\n {\"versionEndExcluding\" : \"3.2\", \"family\" : \"S71200\"},\n \"cpe:/o:siemens:simatic_net_cp_1243-7_lte_eu_firmware\" :\n {\"versionEndExcluding\" : \"3.2\", \"family\" : \"S71200\"},\n \"cpe:/o:siemens:simatic_net_cp_1243-7_lte_us_firmware\" :\n {\"versionEndExcluding\" : \"3.2\", \"family\" : \"S71200\"},\n \"cpe:/o:siemens:simatic_net_cp_1243-8_irc_firmware\" :\n {\"versionEndExcluding\" : \"3.2\", \"family\" : \"S71200\"},\n \"cpe:/o:siemens:simatic_net_cp_1542sp-1_firmware\" :\n {\"versionEndExcluding\" : \"2.1\", \"family\" : \"S71500\"},\n \"cpe:/o:siemens:simatic_net_cp_1542sp-1_irc_firmware\" :\n {\"versionEndExcluding\" : \"2.1\", \"family\" : \"S71500\"},\n \"cpe:/o:siemens:simatic_net_cp_1543-1_firmware\" :\n {\"versionEndExcluding\" : \"2.2\", \"family\" : \"S71500\"},\n \"cpe:/o:siemens:simatic_net_cp_1543sp-1_firmware\" :\n {\"versionEndExcluding\" : \"2.1\", \"family\" : \"S71500\"}\n};\n\ntenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:30:34", "description": "According to its self-reported version, the Cisco Application Policy Infrastructure Controller (APIC) is affected by a vulnerability in the IP stack that is used by the Linux Kernel publicly known as FragmentSmack.\n\nThe vulnerability could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\nAn attack could be executed by an attacker who can submit a stream of fragmented IPv4 or IPv6 packets that are designed to trigger the issue on an affected device.", "cvss3": {}, "published": "2019-03-27T00:00:00", "type": "nessus", "title": "Cisco Application Policy Infrastructure Controller Linux Kernel IP Fragment Reassembly DoS", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5391"], "modified": "2020-11-06T00:00:00", "cpe": ["cpe:/a:cisco:application_policy_infrastructure_controller", "cpe:/o:cisco:application_policy_infrastructure_controller_firmware"], "id": "CISCO-SA-20180824-APIC.NASL", "href": "https://www.tenable.com/plugins/nessus/123415", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123415);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/06\");\n\n script_cve_id(\"CVE-2018-5391\");\n script_bugtraq_id(105108);\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20180824-linux-ip-fragment\");\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCvm15454\");\n\n script_name(english:\"Cisco Application Policy Infrastructure Controller Linux Kernel IP Fragment Reassembly DoS\");\n script_summary(english:\"Checks the Cisco Application Policy Infrastructure Controller (APIC) version.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is affected by a Linux Kernel DoS.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the Cisco Application\nPolicy Infrastructure Controller (APIC) is affected by a\nvulnerability in the IP stack that is used by the Linux Kernel\npublicly known as FragmentSmack.\n\nThe vulnerability could allow an unauthenticated, remote attacker\nto cause a denial of service (DoS) condition on an affected device.\nAn attack could be executed by an attacker who can submit a stream\nof fragmented IPv4 or IPv6 packets that are designed to trigger the\nissue on an affected device.\");\n # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180824-linux-ip-fragment\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8d625ffb\");\n # https://tools.cisco.com/bugsearch/bug/CSCvm15454\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?15f05a53\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Cisco Application Policy Infrastructure Controller to 3.2.4 / 4.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-5391\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/08/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:cisco:application_policy_infrastructure_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:cisco:application_policy_infrastructure_controller_firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CISCO\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n\n script_dependencies(\"cisco_apic_version.nbin\");\n script_require_keys(\"installed_sw/Cisco APIC Software\");\n script_require_ports(\"Services/www\", 80, 443);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"cisco_func.inc\");\ninclude(\"http.inc\");\ninclude(\"install_func.inc\");\n\napp = \"Cisco APIC Software\";\n\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nport = get_http_port(default:443);\n\ninstall = get_single_install(app_name:app, port:port, exit_if_unknown_ver:TRUE);\nversion = install['version'];\ndir = install['path'];\ninstall_url = build_url(port:port, qs:dir);\n\nif (cisco_gen_ver_compare(a:version, b:'3.2(3.6a)') < 0)\n{\n report = '\\n URL : ' + install_url +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 3.2.4 / 4.0 or later' +\n '\\n';\n\n security_report_v4(port:0, severity:SECURITY_HOLE, extra:report);\n}\nelse audit(AUDIT_WEB_APP_NOT_AFFECTED, app, install_url, version);\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:10:27", "description": "According to the version of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.i1/4^CVE-2018-5391i1/4%0\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-04-09T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.4 : kernel (EulerOS-SA-2019-1168)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5391"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:huawei:euleros:uvp:2.5.4", "p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel"], "id": "EULEROS_SA-2019-1168.NASL", "href": "https://www.tenable.com/plugins/nessus/123854", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123854);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-5391\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.4 : kernel (EulerOS-SA-2019-1168)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the kernel packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - A flaw named FragmentSmack was found in the way the\n Linux kernel handled reassembly of fragmented IPv4 and\n IPv6 packets. A remote attacker could use this flaw to\n trigger time and calculation expensive fragment\n reassembly algorithm by sending specially crafted\n packets which could lead to a CPU saturation and hence\n a denial of service on the system.i1/4^CVE-2018-5391i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1168\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8ed86976\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.4\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.4\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.4\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-3.10.0-862.14.1.1_24\",\n \"kernel-devel-3.10.0-862.14.1.1_24\",\n \"kernel-headers-3.10.0-862.14.1.1_24\",\n \"kernel-tools-3.10.0-862.14.1.1_24\",\n \"kernel-tools-libs-3.10.0-862.14.1.1_24\",\n \"kernel-tools-libs-devel-3.10.0-862.14.1.1_24\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:41:07", "description": "According to the version of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.(CVE-2018-5391)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-10-26T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.2 : kernel (EulerOS-SA-2018-1352)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-5391"], "modified": "2022-02-01T00:00:00", "cpe": ["cpe:/o:huawei:euleros:uvp:2.5.2", "p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel"], "id": "EULEROS_SA-2018-1352.NASL", "href": "https://www.tenable.com/plugins/nessus/118440", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(118440);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/01\");\n\n script_cve_id(\"CVE-2018-5391\");\n\n script_name(english:\"EulerOS Virtualization 2.5.2 : kernel (EulerOS-SA-2018-1352)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the kernel packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - A flaw named FragmentSmack was found in the way the\n Linux kernel handled reassembly of fragmented IPv4 and\n IPv6 packets. A remote attacker could use this flaw to\n trigger time and calculation expensive fragment\n reassembly algorithm by sending specially crafted\n packets which could lead to a CPU saturation and hence\n a denial of service on the system.(CVE-2018-5391)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1352\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cea57acd\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-5391\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.2\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.2\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-3.10.0-514.44.5.10_102\",\n \"kernel-devel-3.10.0-514.44.5.10_102\",\n \"kernel-headers-3.10.0-514.44.5.10_102\",\n \"kernel-tools-3.10.0-514.44.5.10_102\",\n \"kernel-tools-libs-3.10.0-514.44.5.10_102\",\n \"kernel-tools-libs-devel-3.10.0-514.44.5.10_102\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:18:34", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system:\n memory allocation, process allocation, device input and output, etc.Security Fix(es):The Linux kernel is vulnerable to a NULL pointer dereference in the ext4/mballoc.c:ext4_process_freed_data() function. An attacker could trick a legitimate user or a privileged attacker could exploit this by mounting a crafted ext4 image to cause a kernel panic.(CVE-2018-1092)The resv_map_release function in mm/hugetlb.c in the Linux kernel, through 4.15.7, allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.(CVE-2018-7740)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-04-04T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.4 : kernel (EulerOS-SA-2019-1229)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1092", "CVE-2018-7740"], "modified": "2022-05-20T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "cpe:/o:huawei:euleros:uvp:2.5.4"], "id": "EULEROS_SA-2019-1229.NASL", "href": "https://www.tenable.com/plugins/nessus/123697", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123697);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/20\");\n\n script_cve_id(\"CVE-2018-1092\", \"CVE-2018-7740\");\n\n script_name(english:\"EulerOS Virtualization 2.5.4 : kernel (EulerOS-SA-2019-1229)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - The kernel package contains the Linux kernel (vmlinuz),\n the core of any Linux operating system. The kernel\n handles the basic functions of the operating system:\n memory allocation, process allocation, device input and\n output, etc.Security Fix(es):The Linux kernel is\n vulnerable to a NULL pointer dereference in the\n ext4/mballoc.c:ext4_process_freed_data() function. An\n attacker could trick a legitimate user or a privileged\n attacker could exploit this by mounting a crafted ext4\n image to cause a kernel panic.(CVE-2018-1092)The\n resv_map_release function in mm/hugetlb.c in the Linux\n kernel, through 4.15.7, allows local users to cause a\n denial of service (BUG) via a crafted application that\n makes mmap system calls and has a large pgoff argument\n to the remap_file_pages system call.(CVE-2018-7740)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1229\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?68740c7e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1092\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-7740\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.4\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.4\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.4\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-3.10.0-862.14.1.1_54\",\n \"kernel-devel-3.10.0-862.14.1.1_54\",\n \"kernel-headers-3.10.0-862.14.1.1_54\",\n \"kernel-tools-3.10.0-862.14.1.1_54\",\n \"kernel-tools-libs-3.10.0-862.14.1.1_54\",\n \"kernel-tools-libs-devel-3.10.0-862.14.1.1_54\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:14", "description": "The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security fixes. The following security bugs were fixed :\n\n - CVE-2017-1000364: The default stack guard page was too small and could be 'jumped over' by userland programs using more than one page of stack in functions and so lead to memory corruption. This update extends the stack guard page to 1 MB (for 4k pages) and 16 MB (for 64k pages) to reduce this attack vector. This is not a kernel bugfix, but a hardening measure against this kind of userland attack.(bsc#1039348)\n\n - CVE-2015-3288: mm/memory.c in the Linux kernel mishandled anonymous pages, which allowed local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero (bnc#979021).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-20T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : kernel (SUSE-SU-2017:1613-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-3288", "CVE-2017-1000364"], "modified": "2021-06-03T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-bigsmp", "p-cpe:/a:novell:suse_linux:kernel-bigsmp-base", "p-cpe:/a:novell:suse_linux:kernel-bigsmp-devel", "p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-ec2", "p-cpe:/a:novell:suse_linux:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:kernel-pae", "p-cpe:/a:novell:suse_linux:kernel-pae-base", "p-cpe:/a:novell:suse_linux:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:kernel-source", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-trace", "p-cpe:/a:novell:suse_linux:kernel-trace-base", "p-cpe:/a:novell:suse_linux:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2017-1613-1.NASL", "href": "https://www.tenable.com/plugins/nessus/100912", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1613-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100912);\n script_version(\"3.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2015-3288\", \"CVE-2017-1000364\");\n script_xref(name:\"IAVA\", value:\"2017-A-0288-S\");\n\n script_name(english:\"SUSE SLES11 Security Update : kernel (SUSE-SU-2017:1613-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various\nsecurity fixes. The following security bugs were fixed :\n\n - CVE-2017-1000364: The default stack guard page was too\n small and could be 'jumped over' by userland programs\n using more than one page of stack in functions and so\n lead to memory corruption. This update extends the stack\n guard page to 1 MB (for 4k pages) and 16 MB (for 64k\n pages) to reduce this attack vector. This is not a\n kernel bugfix, but a hardening measure against this kind\n of userland attack.(bsc#1039348)\n\n - CVE-2015-3288: mm/memory.c in the Linux kernel\n mishandled anonymous pages, which allowed local users to\n gain privileges or cause a denial of service (page\n tainting) via a crafted application that triggers\n writing to page zero (bnc#979021).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=979021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-3288/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171613-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1bf7b1ea\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP3-LTSS:zypper in -t patch\nslessp3-kernel-13156=1\n\nSUSE Linux Enterprise Server 11-EXTRA:zypper in -t patch\nslexsp3-kernel-13156=1\n\nSUSE Linux Enterprise Point of Sale 11-SP3:zypper in -t patch\nsleposp3-kernel-13156=1\n\nSUSE Linux Enterprise Debuginfo 11-SP3:zypper in -t patch\ndbgsp3-kernel-13156=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigsmp-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigsmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/20\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-ec2-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-ec2-base-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-bigsmp-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-bigsmp-base-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-bigsmp-devel-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-default-man-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-default-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-default-base-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-default-devel-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-source-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-syms-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-trace-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-trace-base-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-trace-devel-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-ec2-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-ec2-base-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-ec2-devel-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-0.47.102.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-0.47.102.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:39:37", "description": "An update of 'linux', 'linux-esx' packages of Photon OS has been released.", "cvss3": {}, "published": "2018-08-17T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Linux PHSA-2018-1.0-0161 (deprecated)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18232", "CVE-2018-10323"], "modified": "2019-02-07T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2018-1_0-0161.NASL", "href": "https://www.tenable.com/plugins/nessus/111943", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2/7/2019\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2018-1.0-0161. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111943);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/02/07 18:59:50\");\n\n script_cve_id(\"CVE-2017-18232\", \"CVE-2018-10323\");\n\n script_name(english:\"Photon OS 1.0: Linux PHSA-2018-1.0-0161 (deprecated)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"This plugin has been deprecated.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of 'linux', 'linux-esx' packages of Photon OS has been\nreleased.\");\n # https://github.com/vmware/photon/wiki/Security-Updates-1.0-161\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f3300528\");\n script_set_attribute(attribute:\"solution\", value:\"n/a.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10323\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated.\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\npkgs = [\n \"linux-4.4.139-2.ph1\",\n \"linux-debuginfo-4.4.139-2.ph1\",\n \"linux-dev-4.4.139-2.ph1\",\n \"linux-docs-4.4.139-2.ph1\",\n \"linux-drivers-gpu-4.4.139-2.ph1\",\n \"linux-esx-4.4.139-2.ph1\",\n \"linux-esx-debuginfo-4.4.139-2.ph1\",\n \"linux-esx-devel-4.4.139-2.ph1\",\n \"linux-esx-docs-4.4.139-2.ph1\",\n \"linux-oprofile-4.4.139-2.ph1\",\n \"linux-sound-4.4.139-2.ph1\",\n \"linux-tools-4.4.139-2.ph1\"\n];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"PhotonOS-1.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:34", "description": "An update of the linux package has been released.", "cvss3": {}, "published": "2019-02-07T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Linux PHSA-2018-1.0-0161", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-18232", "CVE-2018-10323"], "modified": "2019-02-07T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2018-1_0-0161_LINUX.NASL", "href": "https://www.tenable.com/plugins/nessus/121857", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2018-1.0-0161. The text\n# itself is copyright (C) VMware, Inc.\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121857);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2019/02/07\");\n\n script_cve_id(\"CVE-2017-18232\", \"CVE-2018-10323\");\n\n script_name(english:\"Photon OS 1.0: Linux PHSA-2018-1.0-0161\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-161.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10323\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/07/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-debuginfo-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-debuginfo-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-dev-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-dev-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-docs-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-docs-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-drivers-gpu-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-drivers-gpu-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-esx-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-esx-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-esx-debuginfo-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-esx-debuginfo-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-esx-devel-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-esx-devel-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-esx-docs-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-esx-docs-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-oprofile-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-oprofile-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-sound-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-sound-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-tools-4.4.139-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"linux-tools-4.4.139-2.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:44", "description": "Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937. (CVE-2015-7990)", "cvss3": {}, "published": "2017-07-10T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K98102572)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-6937", "CVE-2015-7990"], "modified": "2019-01-04T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL98102572.NASL", "href": "https://www.tenable.com/plugins/nessus/101324", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K98102572.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101324);\n script_version(\"3.3\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2015-6937\", \"CVE-2015-7990\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K98102572)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the\nLinux kernel before 4.3.3 allows local users to cause a denial of\nservice (NULL pointer dereference and system crash) or possibly have\nunspecified other impact by using a socket that was not properly\nbound. NOTE: this vulnerability exists because of an incomplete fix\nfor CVE-2015-6937. (CVE-2015-7990)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K98102572\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K98102572.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K98102572\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.3.0-11.6.1\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.4.0-11.6.1\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\",\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\",\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.0.0-11.6.1\",\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"12.0.0-12.1.2\",\"11.3.0-11.6.1\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"13.0.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "ubuntu": [{"lastseen": "2023-06-09T12:02:22", "description": "## Releases\n\n * Ubuntu 12.04 \n\n## Packages\n\n * linux-lts-trusty \\- Linux hardware enablement kernel from Trusty for Precise\n\nUSN-3127-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 \nLTS. This update provides the corresponding updates for the Linux \nHardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu \n12.04 LTS.\n\nIt was discovered that the compression handling code in the Advanced Linux \nSound Architecture (ALSA) subsystem in the Linux kernel did not properly \ncheck for an integer overflow. A local attacker could use this to cause a \ndenial of service (system crash). (CVE-2014-9904)\n\nKirill A. Shutemov discovered that memory manager in the Linux kernel did \nnot properly handle anonymous pages. A local attacker could use this to \ncause a denial of service or possibly gain administrative privileges. \n(CVE-2015-3288)\n\nVitaly Kuznetsov discovered that the Linux kernel did not properly suppress \nhugetlbfs support in X86 paravirtualized guests. An attacker in the guest \nOS could cause a denial of service (guest system crash). (CVE-2016-3961)\n\nOndrej Kozina discovered that the keyring interface in the Linux kernel \ncontained a buffer overflow when displaying timeout events via the \n/proc/keys interface. A local attacker could use this to cause a denial of \nservice (system crash). (CVE-2016-7042)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-11-11T00:00:00", "type": "ubuntu", "title": "Linux kernel (Trusty HWE) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9904", "CVE-2015-3288", "CVE-2016-3961", "CVE-2016-7042"], "modified": "2016-11-11T00:00:00", "id": "USN-3127-2", "href": "https://ubuntu.com/security/notices/USN-3127-2", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-09T12:02:24", "description": "## Releases\n\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * linux \\- Linux kernel\n\nIt was discovered that the compression handling code in the Advanced Linux \nSound Architecture (ALSA) subsystem in the Linux kernel did not properly \ncheck for an integer overflow. A local attacker could use this to cause a \ndenial of service (system crash). (CVE-2014-9904)\n\nKirill A. Shutemov discovered that memory manager in the Linux kernel did \nnot properly handle anonymous pages. A local attacker could use this to \ncause a denial of service or possibly gain administrative privileges. \n(CVE-2015-3288)\n\nVitaly Kuznetsov discovered that the Linux kernel did not properly suppress \nhugetlbfs support in X86 paravirtualized guests. An attacker in the guest \nOS could cause a denial of service (guest system crash). (CVE-2016-3961)\n\nOndrej Kozina discovered that the keyring interface in the Linux kernel \ncontained a buffer overflow when displaying timeout events via the \n/proc/keys interface. A local attacker could use this to cause a denial of \nservice (system crash). (CVE-2016-7042)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-11-11T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9904", "CVE-2015-3288", "CVE-2016-3961", "CVE-2016-7042"], "modified": "2016-11-11T00:00:00", "id": "USN-3127-1", "href": "https://ubuntu.com/security/notices/USN-3127-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-08T16:49:27", "description": "## Releases\n\n * Ubuntu 15.10 \n\n## Packages\n\n * linux-raspi2 \\- Linux kernel for Raspberry Pi 2\n\nNathan Williams discovered that overlayfs in the Linux kernel incorrectly \nhandled setattr operations. A local unprivileged attacker could use this to \ncreate files with administrative permission attributes and execute \narbitrary code with elevated privileges.\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-01-05T00:00:00", "type": "ubuntu", "title": "Linux kernel (Raspberry Pi 2) vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8660"], "modified": "2016-01-05T00:00:00", "id": "USN-2858-3", "href": "https://ubuntu.com/security/notices/USN-2858-3", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-08T16:49:28", "description": "## Releases\n\n * Ubuntu 15.04 \n\n## Packages\n\n * linux \\- Linux kernel\n\nNathan Williams discovered that overlayfs in the Linux kernel incorrectly \nhandled setattr operations. A local unprivileged attacker could use this to \ncreate files with administrative permission attributes and execute \narbitrary code with elevated privileges.\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-01-05T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8660"], "modified": "2016-01-05T00:00:00", "id": "USN-2857-1", "href": "https://ubuntu.com/security/notices/USN-2857-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-08T16:49:28", "description": "## Releases\n\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * linux-lts-wily \\- Linux hardware enablement kernel from Wily\n\nNathan Williams discovered that overlayfs in the Linux kernel incorrectly \nhandled setattr operations. A local unprivileged attacker could use this to \ncreate files with administrative permission attributes and execute \narbitrary code with elevated privileges.\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-01-05T00:00:00", "type": "ubuntu", "title": "Linux kernel (Wily HWE) vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8660"], "modified": "2016-01-05T00:00:00", "id": "USN-2858-2", "href": "https://ubuntu.com/security/notices/USN-2858-2", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-08T16:49:29", "description": "## Releases\n\n * Ubuntu 15.10 \n\n## Packages\n\n * linux \\- Linux kernel\n\nNathan Williams discovered that overlayfs in the Linux kernel incorrectly \nhandled setattr operations. A local unprivileged attacker could use this to \ncreate files with administrative permission attributes and execute \narbitrary code with elevated privileges.\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-01-05T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8660"], "modified": "2016-01-05T00:00:00", "id": "USN-2858-1", "href": "https://ubuntu.com/security/notices/USN-2858-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-08T16:49:28", "description": "## Releases\n\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * linux-lts-vivid \\- Linux hardware enablement kernel from Vivid\n\nNathan Williams discovered that overlayfs in the Linux kernel incorrectly \nhandled setattr operations. A local unprivileged attacker could use this to \ncreate files with administrative permission attributes and execute \narbitrary code with elevated privileges.\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-01-05T00:00:00", "type": "ubuntu", "title": "Linux kernel (Vivid HWE) vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8660"], "modified": "2016-01-05T00:00:00", "id": "USN-2857-2", "href": "https://ubuntu.com/security/notices/USN-2857-2", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "f5": [{"lastseen": "2019-07-19T19:42:39", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-02-06T08:28:00", "type": "f5", "title": "Linux kernel vulnerability CVE-2017-15128", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15128"], "modified": "2018-02-06T08:32:00", "id": "F5:K02433339", "href": "https://support.f5.com/csp/article/K02433339", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-04-30T18:21:17", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP AAM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP ASM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP DNS| None| 13.0.0 \n12.0.0 - 12.1.2| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP Link Controller| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP PEM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1| Not vulnerable| None \nBIG-IP WebSafe| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1| Not vulnerable| None \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nBIG-IQ Cloud| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 - 5.2.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0 - 2.1.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.2| Not vulnerable| None \nTraffix SDC| None| 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-02T00:51:00", "type": "f5", "title": "Linux kernel vulnerability CVE-2017-7374", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7374"], "modified": "2017-05-02T00:51:00", "id": "F5:K61968355", "href": "https://support.f5.com/csp/article/K61968355", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:49:05", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy. \n \nTo mitigate this vulnerability for affected F5 products, you should only permit management access to F5 products over a secure network and limit shell access to trusted users. For more information about securing access to BIG-IP/Enterprise Manager systems, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x) and SOL13092: Overview of securing access to the BIG-IP system.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "baseScore": 5.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.7}, "published": "2016-01-28T00:00:00", "type": "f5", "title": "SOL98102572 - Linux kernel vulnerability CVE-2015-7990", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 5.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 8.5, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7990"], "modified": "2016-01-28T00:00:00", "id": "SOL98102572", "href": "http://support.f5.com/kb/en-us/solutions/public/k/98/sol98102572.html", "cvss": {"score": 5.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2016-09-26T17:23:07", "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-15T00:00:00", "type": "f5", "title": "SOL30905674 - Linux kernel vulnerability CVE-2014-9904", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9904"], "modified": "2016-07-15T00:00:00", "id": "SOL30905674", "href": "http://support.f5.com/kb/en-us/solutions/public/k/30/sol30905674.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-06-08T00:16:33", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 MobileSafe| None| 1.0.0| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 5.0.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-15T23:17:00", "type": "f5", "title": "Linux kernel vulnerability CVE-2014-9904", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9904"], "modified": "2016-07-15T23:17:00", "id": "F5:K30905674", "href": "https://support.f5.com/csp/article/K30905674", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-09-01T13:01:13", "description": "The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option. ([CVE-2016-6828](<https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6828>))\n\nImpact\n\nA local user may cause a denial-of-service (DoS) by way of a crafted SACK option.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-12-21T00:38:00", "type": "f5", "title": "Kernel vulnerability CVE-2016-6828", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6828"], "modified": "2020-03-24T06:43:00", "id": "F5:K62442245", "href": "https://support.f5.com/csp/article/K62442245", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2016-09-26T17:23:08", "description": "Vulnerability Recommended Actions\n\nNone \n\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "cvss3": {}, "published": "2014-08-18T00:00:00", "type": "f5", "title": "SOL15512 - LZO decompressor vulnerability CVE-2014-4608", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-4608"], "modified": "2016-07-25T00:00:00", "id": "SOL15512", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15512.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2023-06-08T10:44:12", "description": "** DISPUTED ** Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Literal Run. NOTE: the author of the LZO algorithms says \"the Linux kernel is *not* affected; media hype.\" ([CVE-2014-4608](<https://vulners.com/cve/CVE-2014-4608>))\n\nImpact\n\nNone. No F5 products are vulnerable to this vulnerability.\n", "cvss3": {}, "published": "2014-08-18T17:38:00", "type": "f5", "title": "LZO decompressor vulnerability CVE-2014-4608", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-4608"], "modified": "2017-03-09T21:27:00", "id": "F5:K15512", "href": "https://support.f5.com/csp/article/K15512", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-09-10T16:42:10", "description": "\nF5 Product Development has assigned ID 492732 (BIG-IP), ID 496037 and ID 496042 (BIG-IQ), ID 496045 and ID 496044 (Enterprise Manager), and ID 492564 (F5 WebSafe) to this vulnerability. Additionally, [BIG-IP iHealth](<https://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H496135 and H74413297 on the **Diagnostics** >** Identified** > **High **page.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 12.0.0 \n11.6.1 \n11.5.1 - 11.5.4 \n11.2.1 | 13.0.0 \n12.1.0 - 12.1.2 \n11.6.2 \n11.5.5 | High | Linux kernel and specific device drivers \nBIG-IP AAM | 12.0.0 \n11.6.1 \n11.5.1 - 11.5.4 \n11.2.1 | 13.0.0 \n12.1.0 - 12.1.2 \n11.6.2 \n11.5.5 | High | Linux kernel and specific device drivers \nBIG-IP AFM | 12.0.0 \n11.6.1 \n11.5.1 - 11.5.4 \n11.2.1 | 13.0.0 \n12.1.0 - 12.1.2 \n11.6.2 \n11.5.5 | High | Linux kernel and specific device drivers \nBIG-IP Analytics | 12.0.0 \n11.6.1 \n11.5.1 - 11.5.4 \n11.2.1 | 13.0.0 \n12.1.0 - 12.1.2 \n11.6.2 \n11.5.5 | High | Linux kernel and specific device drivers \nBIG-IP APM | 12.0.0 \n11.6.1 \n11.5.1 - 11.5.4 \n11.2.1 | 13.0.0 \n12.1.0 - 12.1.2 \n11.6.2 \n11.5.5 | High | Linux kernel and specific device drivers \nBIG-IP ASM | 12.0.0 \n11.6.1 \n11.5.1 - 11.5.4 \n11.2.1 | 13.0.0 \n12.1.0 - 12.1.2 \n11.6.2 \n11.5.5 | High | Linux kernel and specific device drivers \nBIG-IP DNS | 12.0.0 | 13.0.0 \n12.1.0 - 12.1.2 | High | Linux kernel and specific device drivers \nBIG-IP Edge Gateway | 11.2.1 | None | High | Linux kernel and specific device drivers \nBIG-IP GTM | 11.6.1 \n11.5.1 - 11.5.4 | 11.6.2 \n11.5.5 | High | Linux kernel and specific device drivers \nBIG-IP Link Controller | 12.0.0 \n11.6.1 \n11.5.1 - 11.5.4 \n11.2.1 | 13.0.0 \n12.1.0 - 12.1.2 \n11.6.2 \n11.5.5 | High | Linux kernel and specific device drivers \nBIG-IP PEM | 12.0.0 \n11.6.1 \n11.5.1 - 11.5.4 \n11.2.1 | 13.0.0 \n12.1.0 - 12.1.2 \n11.6.2 \n11.5.5 | High | Linux kernel and specific device drivers \nBIG-IP WebAccelerator | 11.2.1 | None | High | Linux kernel and specific device drivers \nF5 WebSafe | None | 13.0.0 \n12.0.0 - 12.1.2 \n11.6.1 | Not vulnerable | None \nARX | None | 6.2.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | 3.1.1 | None | High | Linux kernel and specific device drivers \nBIG-IQ Cloud | 4.4.0 - 4.5.0 | None | High | Linux kernel and specific device drivers \nBIG-IQ Device | 4.4.0 - 4.5.0 | None | High | Linux kernel and specific device drivers \nBIG-IQ Security | 4.4.0 - 4.5.0 | None | High | Linux kernel and specific device drivers \nLineRate | None | 2.5.0 - 2.6.2 | Not vulnerable | None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to [K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems](<https://support.f5.com/csp/article/K21232150>).\n\n**Mitigation**\n\nTo mitigate the vulnerability, maintain affected products in a secure location, which limits physical access to the unit. \n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "cvss3": {}, "published": "2017-10-27T07:50:00", "type": "f5", "title": "Linux kernel vulnerability CVE-2014-3184", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3184"], "modified": "2018-03-08T02:10:00", "id": "F5:K74413297", "href": "https://support.f5.com/csp/article/K74413297", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-05T23:21:48", "description": "net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces. ([CVE-2017-17450](<https://vulners.com/cve/CVE-2017-17450>))\n\nImpact\n\nThere is no impact; F5 products are not affected by this vulnerability.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-02-20T15:04:00", "type": "f5", "title": "Linux kernel vulnerability CVE-2017-17450", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17450"], "modified": "2018-02-20T15:04:00", "id": "F5:K94730263", "href": "https://support.f5.com/csp/article/K94730263", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-09-13T21:51:27", "description": "\nF5 Product Development has assigned ID 570025 (BIG-IP), ID 570141 (BIG-IQ), and ID 570142 (Enterprise Manager) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H98102572 on the **Diagnostics** > **Identified** > **Medium** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 12.0.0 - 12.1.2 \n11.0.0 - 11.6.1 \n10.1.0 - 10.2.4| 13.0.0| Medium| Kernel \nBIG-IP AAM| 12.0.0- 12.1.2 \n11.4.0 - 11.6.1| 13.0.0| Medium| Kernel \nBIG-IP AFM| 12.0.0- 12.1.2 \n11.3.0 - 11.6.1| 13.0.0| Medium| Kernel \nBIG-IP Analytics| 12.0.0- 12.1.2 \n11.0.0 - 11.6.1| 13.0.0| Medium| Kernel \nBIG-IP APM| 12.0.0- 12.1.2 \n11.0.0 - 11.6.1 \n10.1.0 - 10.2.4| 13.0.0| Medium| Kernel \nBIG-IP ASM| 12.0.0- 12.1.2 \n11.0.0 - 11.6.1 \n10.1.0 - 10.2.4| 13.0.0| Medium| Kernel \nBIG-IP DNS| 12.0.0- 12.1.2| 13.0.0| Medium| Kernel \nBIG-IP Edge Gateway| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Medium| Kernel \nBIG-IP GTM| 11.0.0 - 11.6.1 \n10.1.0 - 10.2.4| None| Medium| Kernel \nBIG-IP Link Controller| 12.0.0- 12.1.2 \n11.0.0 - 11.6.1 \n10.1.0 - 10.2.4| 13.0.0| Medium| Kernel \nBIG-IP PEM| 12.0.0- 12.1.2 \n11.3.0 - 11.6.1| 13.0.0| Medium| Kernel \nBIG-IP PSM| 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4| None| Medium| Kernel \nBIG-IP WebAccelerator| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Medium| Kernel \nBIG-IP WOM| 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4| None| Medium| Kernel \nARX| None| 6.0.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| 3.0.0 - 3.1.1| None| Medium| Kernel \nFirePass| None| 7.0.0 \n6.0.0 - 6.1.0| Not vulnerable| None \nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Medium| Kernel \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Medium| Kernel \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Medium| Kernel \nBIG-IQ ADC| 4.5.0| None| Medium| Kernel \nBIG-IQ Centralized Management| 4.6.0| None| Medium| Kernel \nBIG-IQ Cloud and Orchestration| 1.0.0| None| Medium| Kernel \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1| None| Low| Kernel\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the **Severity** values published in the previous table. The **Severity** values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\nTo mitigate this vulnerability for affected F5 products, you should only permit management access to F5 products over a secure network and limit shell access to trusted users. For more information about securing access to BIG-IP/Enterprise Manager systems, refer to [K13309: Restricting access to the Configuration utility by source IP address (11.x - 13.x)](<https://support.f5.com/csp/article/K13309>) and [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 13.x)](<https://support.f5.com/csp/article/K13123>)\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "baseScore": 5.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 4.7}, "published": "2016-01-29T02:29:00", "type": "f5", "title": "Linux kernel vulnerability CVE-2015-7990", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 5.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 8.5, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7990", "CVE-2015-6937"], "modified": "2017-07-07T18:44:00", "id": "F5:K98102572", "href": "https://support.f5.com/csp/article/K98102572", "cvss": {"score": 5.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}], "cve": [{"lastseen": "2023-06-05T14:59:12", "description": "A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-01-14T06:29:00", "type": "cve", "title": "CVE-2017-15128", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15128"], "modified": "2021-07-15T19:16:00", "cpe": ["cpe:/o:linux:linux_kernel:4.13.11", "cpe:/o:redhat:enterprise_mrg:2.0", "cpe:/o:redhat:enterprise_linux:7.0"], "id": "CVE-2017-15128", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15128", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.13.11:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-08T14:12:44", "description": "The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-02-07T07:59:00", "type": "cve", "title": "CVE-2016-10044", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10044"], "modified": "2023-01-17T21:40:00", "cpe": ["cpe:/o:google:android:7.1.1"], "id": "CVE-2016-10044", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10044", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T15:08:41", "description": "The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-04T17:29:00", "type": "cve", "title": "CVE-2017-18257", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18257"], "modified": "2018-07-04T01:29:00", "cpe": ["cpe:/o:debian:debian_linux:9.0"], "id": "CVE-2017-18257", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18257", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T15:27:07", "description": "Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-03-31T20:59:00", "type": "cve", "title": "CVE-2017-7374", "cwe": ["CWE-416", "CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7374"], "modified": "2023-02-14T21:38:00", "cpe": [], "id": "CVE-2017-7374", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7374", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-06-07T15:10:13", "description": "The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-03-07T08:29:00", "type": "cve", "title": "CVE-2018-7740", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7740"], "modified": "2019-03-18T19:31:00", "cpe": ["cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:linux:linux_kernel:4.15.7", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/a:redhat:virtualization_host:4.0"], "id": "CVE-2018-7740", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7740", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.15.7:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-08T15:11:02", "description": "mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-10-16T21:59:00", "type": "cve", "title": "CVE-2015-3288", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3288"], "modified": "2023-02-12T23:15:00", "cpe": [], "id": "CVE-2015-3288", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3288", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-06-05T15:08:36", "description": "The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-03-15T04:29:00", "type": "cve", "title": "CVE-2017-18232", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18232"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:linux:linux_kernel:4.15.9"], "id": "CVE-2017-18232", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18232", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.15.9:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-08T15:12:30", "description": "The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-28T11:59:00", "type": "cve", "title": "CVE-2015-8660", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8660"], "modified": "2023-06-07T12:44:00", "cpe": [], "id": "CVE-2015-8660", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8660", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-06-09T11:22:54", "description": "The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-06-27T10:59:00", "type": "cve", "title": "CVE-2014-9904", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9904"], "modified": "2023-01-17T21:42:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:novell:suse_linux_enterprise_real_time_extension:12"], "id": "CVE-2014-9904", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9904", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*"]}, {"lastseen": "2023-06-03T14:40:33", "description": "The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-10-16T21:59:00", "type": "cve", "title": "CVE-2016-6828", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6828"], "modified": "2023-02-12T23:25:00", "cpe": ["cpe:/o:linux:linux_kernel:4.7.4"], "id": "CVE-2016-6828", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6828", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.7.4:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T14:45:47", "description": "An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-12-17T07:29:00", "type": "cve", "title": "CVE-2018-20169", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20169"], "modified": "2019-08-13T19:15:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04"], "id": "CVE-2018-20169", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-20169", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"]}, {"lastseen": "2023-06-08T14:32:28", "description": "The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario breaks the new can_follow_write_pmd()'s logic - pmd can become dirty without going through a COW cycle. This bug is not as severe as the original \"Dirty cow\" because an ext4 file (or any other regular file) cannot be mapped using THP. Nevertheless, it does allow us to overwrite read-only huge pages. For example, the zero huge page and sealed shmem files can be overwritten (since their mapping can be populated using THP). Note that after the first write page-fault to the zero page, it will be replaced with a new fresh (and zeroed) thp.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-30T22:29:00", "type": "cve", "title": "CVE-2017-1000405", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000405"], "modified": "2018-02-13T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.14"], "id": "CVE-2017-1000405", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1000405", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.14:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-09T10:39:24", "description": "** DISPUTED ** Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Literal Run. NOTE: the author of the LZO algorithms says \"the Linux kernel is *not* affected; media hype.\"", "cvss3": {}, "published": "2014-07-03T04:22:00", "type": "cve", "title": "CVE-2014-4608", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-4608"], "modified": "2020-08-14T17:51:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:14.10", "cpe:/o:opensuse:opensuse:11.4", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:suse:linux_enterprise_server:11", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:suse:linux_enterprise_real_time_extension:11"], "id": "CVE-2014-4608", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4608", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:suse:linux_enterprise_real_time_extension:11:sp3:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*"]}, {"lastseen": "2023-06-09T10:31:08", "description": "arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a crafted application that makes a ptrace system call.", "cvss3": {}, "published": "2014-08-01T11:13:00", "type": "cve", "title": "CVE-2014-3534", "cwe": ["CWE-269"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3534"], "modified": "2023-02-13T00:40:00", "cpe": ["cpe:/o:debian:debian_linux:7.0"], "id": "CVE-2014-3534", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3534", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-03T14:33:24", "description": "The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-07-03T21:59:00", "type": "cve", "title": "CVE-2016-3955", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3955"], "modified": "2022-11-03T20:31:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:15.10", "cpe:/o:canonical:ubuntu_linux:12.04"], "id": "CVE-2016-3955", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3955", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"]}, {"lastseen": "2023-06-09T10:28:03", "description": "The report_fixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c.", "cvss3": {}, "published": "2014-09-28T10:55:00", "type": "cve", "title": "CVE-2014-3184", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3184"], "modified": "2016-12-24T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.16.1", "cpe:/o:linux:linux_kernel:3.16.0"], "id": "CVE-2014-3184", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3184", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.16.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.16.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-05T15:06:22", "description": "net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-12-07T00:29:00", "type": "cve", "title": "CVE-2017-17450", "cwe": ["CWE-862"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17450"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:linux:linux_kernel:4.14.4"], "id": "CVE-2017-17450", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17450", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.14.4:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-07T15:01:39", "description": "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-06T21:29:00", "type": "cve", "title": "CVE-2018-5391", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5391"], "modified": "2022-12-28T18:07:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_aus:7.4", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:redhat:enterprise_linux_server_aus:6.6", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/o:redhat:enterprise_linux_server_aus:7.2", "cpe:/o:redhat:enterprise_linux_server_tus:7.2", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:redhat:enterprise_linux_server_aus:7.3", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:microsoft:windows_server_2016:1803", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:microsoft:windows_7:-", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:linux:linux_kernel:4.18", "cpe:/o:redhat:enterprise_linux_server_aus:6.5", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1703", "cpe:/o:microsoft:windows_10:-", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:redhat:enterprise_linux_server_tus:7.3", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:microsoft:windows_server_2016:1709", "cpe:/o:redhat:enterprise_linux_server_eus:6.7", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.4", "cpe:/o:redhat:enterprise_linux_server_tus:6.6", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:redhat:enterprise_linux_server_aus:6.4", "cpe:/o:microsoft:windows_10:1709", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.3", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:redhat:enterprise_linux_server_tus:7.4"], "id": "CVE-2018-5391", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5391", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:itanium:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.18:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-09T11:12:45", "description": "The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application that triggers (1) an improperly fetched instruction or (2) an instruction that occupies too many bytes. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8480.", "cvss3": {}, "published": "2014-11-10T11:55:00", "type": "cve", "title": "CVE-2014-8481", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8480", "CVE-2014-8481"], "modified": "2015-11-20T16:08:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18"], "id": "CVE-2014-8481", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8481", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:rc1:*:*:*:*:*:*"]}], "debiancve": [{"lastseen": "2023-06-05T18:14:29", "description": "A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-01-14T06:29:00", "type": "debiancve", "title": "CVE-2017-15128", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15128"], "modified": "2018-01-14T06:29:00", "id": "DEBIANCVE:CVE-2017-15128", "href": "https://security-tracker.debian.org/tracker/CVE-2017-15128", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-08T15:52:02", "description": "The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-02-07T07:59:00", "type": "debiancve", "title": "CVE-2016-10044", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10044"], "modified": "2017-02-07T07:59:00", "id": "DEBIANCVE:CVE-2016-10044", "href": "https://security-tracker.debian.org/tracker/CVE-2016-10044", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-05T18:14:31", "description": "The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-04T17:29:00", "type": "debiancve", "title": "CVE-2017-18257", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18257"], "modified": "2018-04-04T17:29:00", "id": "DEBIANCVE:CVE-2017-18257", "href": "https://security-tracker.debian.org/tracker/CVE-2017-18257", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-05T18:14:31", "description": "Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-03-31T20:59:00", "type": "debiancve", "title": "CVE-2017-7374", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7374"], "modified": "2017-03-31T20:59:00", "id": "DEBIANCVE:CVE-2017-7374", "href": "https://security-tracker.debian.org/tracker/CVE-2017-7374", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-07T18:14:32", "description": "The resv_map_release function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-03-07T08:29:00", "type": "debiancve", "title": "CVE-2018-7740", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7740"], "modified": "2018-03-07T08:29:00", "id": "DEBIANCVE:CVE-2018-7740", "href": "https://security-tracker.debian.org/tracker/CVE-2018-7740", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-08T15:52:01", "description": "mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-10-16T21:59:00", "type": "debiancve", "title": "CVE-2015-3288", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3288"], "modified": "2016-10-16T21:59:00", "id": "DEBIANCVE:CVE-2015-3288", "href": "https://security-tracker.debian.org/tracker/CVE-2015-3288", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-05T18:14:30", "description": "The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-03-15T04:29:00", "type": "debiancve", "title": "CVE-2017-18232", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18232"], "modified": "2018-03-15T04:29:00", "id": "DEBIANCVE:CVE-2017-18232", "href": "https://security-tracker.debian.org/tracker/CVE-2017-18232", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-08T15:52:01", "description": "The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-28T11:59:00", "type": "debiancve", "title": "CVE-2015-8660", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8660"], "modified": "2015-12-28T11:59:00", "id": "DEBIANCVE:CVE-2015-8660", "href": "https://security-tracker.debian.org/tracker/CVE-2015-8660", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-08T15:52:01", "description": "The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-06-27T10:59:00", "type": "debiancve", "title": "CVE-2014-9904", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9904"], "modified": "2016-06-27T10:59:00", "id": "DEBIANCVE:CVE-2014-9904", "href": "https://security-tracker.debian.org/tracker/CVE-2014-9904", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-03T14:41:17", "description": "The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-10-16T21:59:00", "type": "debiancve", "title": "CVE-2016-6828", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6828"], "modified": "2016-10-16T21:59:00", "id": "DEBIANCVE:CVE-2016-6828", "href": "https://security-tracker.debian.org/tracker/CVE-2016-6828", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-07T14:56:58", "description": "An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-12-17T07:29:00", "type": "debiancve", "title": "CVE-2018-20169", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20169"], "modified": "2018-12-17T07:29:00", "id": "DEBIANCVE:CVE-2018-20169", "href": "https://security-tracker.debian.org/tracker/CVE-2018-20169", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-08T15:52:02", "description": "The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch_pmd() can be reached by get_user_pages(). In such case, the pmd will become dirty. This scenario breaks the new can_follow_write_pmd()'s logic - pmd can become dirty without going through a COW cycle. This bug is not as severe as the original \"Dirty cow\" because an ext4 file (or any other regular file) cannot be mapped using THP. Nevertheless, it does allow us to overwrite read-only huge pages. For example, the zero huge page and sealed shmem files can be overwritten (since their mapping can be populated using THP). Note that after the first write page-fault to the zero page, it will be replaced with a new fresh (and zeroed) thp.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-30T22:29:00", "type": "debiancve", "title": "CVE-2017-1000405", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000405"], "modified": "2017-11-30T22:29:00", "id": "DEBIANCVE:CVE-2017-1000405", "href": "https://security-tracker.debian.org/tracker/CVE-2017-1000405", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-08T15:52:00", "description": "** DISPUTED ** Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Literal Run. NOTE: the author of the LZO algorithms says \"the Linux kernel is *not* affected; media hype.\"", "cvss3": {}, "published": "2014-07-03T04:22:00", "type": "debiancve", "title": "CVE-2014-4608", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-4608"], "modified": "2014-07-03T04:22:00", "id": "DEBIANCVE:CVE-2014-4608", "href": "https://security-tracker.debian.org/tracker/CVE-2014-4608", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-08T15:52:00", "description": "arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a crafted application that makes a ptrace system call.", "cvss3": {}, "published": "2014-08-01T11:13:00", "type": "debiancve", "title": "CVE-2014-3534", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3534"], "modified": "2014-08-01T11:13:00", "id": "DEBIANCVE:CVE-2014-3534", "href": "https://security-tracker.debian.org/tracker/CVE-2014-3534", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-03T14:41:17", "description": "The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the Linux kernel before 4.5.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted length value in a USB/IP packet.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-07-03T21:59:00", "type": "debiancve", "title": "CVE-2016-3955", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3955"], "modified": "2016-07-03T21:59:00", "id": "DEBIANCVE:CVE-2016-3955", "href": "https://security-tracker.debian.org/tracker/CVE-2016-3955", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-08T10:31:20", "description": "The report_fixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service (out-of-bounds write) via a crafted device that provides a small report descriptor, related to (1) drivers/hid/hid-cherry.c, (2) drivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4) drivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6) drivers/hid/hid-sunplus.c.", "cvss3": {}, "published": "2014-09-28T10:55:00", "type": "debiancve", "title": "CVE-2014-3184", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3184"], "modified": "2014-09-28T10:55:00", "id": "DEBIANCVE:CVE-2014-3184", "href": "https://security-tracker.debian.org/tracker/CVE-2014-3184", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-05T18:14:30", "description": "net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-12-07T00:29:00", "type": "debiancve", "title": "CVE-2017-17450", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17450"], "modified": "2017-12-07T00:29:00", "id": "DEBIANCVE:CVE-2017-17450", "href": "https://security-tracker.debian.org/tracker/CVE-2017-17450", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-07T18:14:31", "description": "The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation have been discovered and fixed over the years. The current vulnerability (CVE-2018-5391) became exploitable in the Linux kernel with the increase of the IP fragment reassembly queue size.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-09-06T21:29:00", "type": "debiancve", "title": "CVE-2018-5391", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5391"], "modified": "2018-09-06T21:29:00", "id": "DEBIANCVE:CVE-2018-5391", "href": "https://security-tracker.debian.org/tracker/CVE-2018-5391", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-08T15:52:01", "description": "The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a crafted application that triggers (1) an improperly fetched instruction or (2) an instruction that occupies too many bytes. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8480.", "cvss3": {}, "published": "2014-11-10T11:55:00", "type": "debiancve", "title": "CVE-2014-8481", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8480", "CVE-2014-8481"], "modified": "2014-11-10T11:55:00", "id": "DEBIANCVE:CVE-2014-8481", "href": "https://security-tracker.debian.org/tracker/CVE-2014-8481", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-08T15:52:01", "description": "Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.8, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.7}, "published": "2015-12-28T11:59:00", "type": "debiancve", "title": "CVE-2015-7990", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 5.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 8.5, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-6937", "CVE-2015-7990"], "modified": "2015-12-28T11:59:00", "id": "DEBIANCVE:CVE-2015-7990", "href": "https://security-tracker.debian.org/tracker/CVE-2015-7990", "cvss": {"score": 5.9, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:C"}}], "redhatcve": [{"lastseen": "2022-07-07T11:11:25", "description": "A flaw was found in the Linux kernel where a local user with a shell account can abuse the userfaultfd syscall when using hugetlbfs. A missing size check in hugetlb_mcopy_atomic_pte could create an invalid inode variable, leading to a kernel panic.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-04T17:15:32", "type": "redhatcve", "title": "CVE-2017-15128", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15128"], "modified": "2022-07-07T09:09:50", "id": "RH:CVE-2017-15128", "href": "https://access.redhat.com/security/cve/cve-2017-15128", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-10-13T16:56:44", "description": "The aio_mount function in fs/aio.c in the Linux kernel does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-02-08T09:49:28", "type": "redhatcve", "title": "CVE-2016-10044", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10044"], "modified": "2021-10-13T16:46:00", "id": "RH:CVE-2016-10044", "href": "https://access.redhat.com/security/cve/cve-2016-10044", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-02T22:51:34", "description": "The Linux kernel was found to be vulnerable to an infinite loop cause by an integer overflow in the fs/f2fs/data.c:__get_data_block() function. A local attacker could exploit this to cause a denial of service.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-04-10T04:49:12", "type": "redhatcve", "title": "CVE-2017-18257", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18257"], "modified": "2021-03-18T16:58:02", "id": "RH:CVE-2017-18257", "href": "https://access.redhat.com/security/cve/cve-2017-18257", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-09-02T22:50:37", "description": "A use-after-free flaw was found in the Linux kernel's file system encryption implementation. A local user could revoke keyring keys being used for ext4, f2fs, or ubifs encryption, causing a denial of service on the system.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-04-03T10:48:45", "type": "redhatcve", "title": "CVE-2017-7374", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7374"], "modified": "2020-04-08T20:40:04", "id": "RH:CVE-2017-7374", "href": "https://access.redhat.com/security/cve/cve-2017-7374", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-07T11:10:50", "description": "The resv_map_release function in mm/hugetlb.c in the Linux kernel, through 4.15.7, allows local users to cause a denial of service (BUG) via a crafted application that makes mmap system calls and has a large pgoff argument to the remap_file_pages system call.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-09T01:21:43", "type": "redhatcve", "title": "CVE-2018-7740", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7740"], "modified": "2022-07-07T11:05:31", "id": "RH:CVE-2018-7740", "href": "https://access.redhat.com/security/cve/cve-2018-7740", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-07-07T11:11:25", "description": "The Serial Attached SCSI (SAS) implementation in the Linux kernel mishandles a mutex within libsas. This allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-11-02T21:33:51", "type": "redhatcve", "title": "CVE-2017-18232", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18232"], "modified": "2022-07-07T09:26:14", "id": "RH:CVE-2017-18232", "href": "https://access.redhat.com/security/cve/cve-2017-18232", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-13T19:55:35", "description": "A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-08-18T21:03:31", "type": "redhatcve", "title": "CVE-2016-6828", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6828"], "modified": "2021-10-13T17:17:24", "id": "RH:CVE-2016-6828", "href": "https://access.redhat.com/security/cve/CVE-2016-6828", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-07T16:27:23", "description": "A flaw was discovered in the Linux kernel's USB subsystem in the __usb_get_extra_descriptor() function in the drivers/usb/core/usb.c which mishandles a size check during the reading of an extra descriptor data. By using a specially crafted USB device which sends a forged extra descriptor, an unprivileged user with physical access to the system can potentially cause a privilege escalation or trigger a system crash or lock up and thus to cause a denial of service (DoS).\n", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-03T02:00:45", "type": "redhatcve", "title": "CVE-2018-20169", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20169"], "modified": "2023-05-12T21:24:41", "id": "RH:CVE-2018-20169", "href": "https://access.redhat.com/security/cve/cve-2018-20169", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-07T11:11:27", "description": "net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations. This allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all network namespaces.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-03-31T08:14:29", "type": "redhatcve", "title": "CVE-2017-17450", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17450"], "modified": "2022-07-07T09:15:53", "id": "RH:CVE-2017-17450", "href": "https://access.redhat.com/security/cve/cve-2017-17450", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-07T16:28:57", "description": "A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system.\n#### Mitigation\n\nOne may change the default 4MB and 3MB values of net.ipv4.ipfrag_high_thresh and net.ipv4.ipfrag_low_thresh (and their ipv6 counterparts net.ipv6.ipfrag_high_thresh and net.ipv6.ipfrag_low_thresh) to 256 kB and 192 kB (respectively) or below. Tests show some to significant CPU saturation drop during an attack, depending on a hardware, configuration and environment. \n\n\nThere can be some impact on performance though, due to ipfrag_high_thresh of 262144 bytes, as only two 64K fragments can fit in the reassembly queue at the same time. For example, there is a risk of breaking applications that rely on large UDP packets. \n\n\nSee the Mitigation section in the <https://access.redhat.com/articles/3553061> article for the script to quickly change to/from default and lower settings. \n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-02T19:57:56", "type": "redhatcve", "title": "CVE-2018-5391", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5391"], "modified": "2023-04-06T05:49:17", "id": "RH:CVE-2018-5391", "href": "https://access.redhat.com/security/cve/cve-2018-5391", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "ubuntucve": [{"lastseen": "2023-06-06T14:03:22", "description": "A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c\nin the Linux kernel before 4.13.12. A lack of size check could cause a\ndenial of service (BUG).", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-01-14T00:00:00", "type": "ubuntucve", "title": "CVE-2017-15128", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-15128"], "modified": "2018-01-14T00:00:00", "id": "UB:CVE-2017-15128", "href": "https://ubuntu.com/security/CVE-2017-15128", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-08T15:03:37", "description": "The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does\nnot properly restrict execute access, which makes it easier for local users\nto bypass intended SELinux W^X policy restrictions, and consequently gain\nprivileges, via an io_setup system call.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-02-07T00:00:00", "type": "ubuntucve", "title": "CVE-2016-10044", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-10044"], "modified": "2017-02-07T00:00:00", "id": "UB:CVE-2016-10044", "href": "https://ubuntu.com/security/CVE-2016-10044", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-06T14:01:01", "description": "The __get_data_block function in fs/f2fs/data.c in the Linux kernel before\n4.11 allows local users to cause a denial of service (integer overflow and\nloop) via crafted use of the open and fallocate system calls with an\nFS_IOC_FIEMAP ioctl.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-04-04T00:00:00", "type": "ubuntucve", "title": "CVE-2017-18257", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18257"], "modified": "2018-04-04T00:00:00", "id": "UB:CVE-2017-18257", "href": "https://ubuntu.com/security/CVE-2017-18257", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-06T14:14:12", "description": "Use-after-free vulnerability in fs/crypto/ in the Linux kernel before\n4.10.7 allows local users to cause a denial of service (NULL pointer\ndereference) or possibly gain privileges by revoking keyring keys being\nused for ext4, f2fs, or ubifs encryption, causing cryptographic transform\nobjects to be freed prematurely.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-03-31T00:00:00", "type": "ubuntucve", "title": "CVE-2017-7374", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-7374"], "modified": "2017-03-31T00:00:00", "id": "UB:CVE-2017-7374", "href": "https://ubuntu.com/security/CVE-2017-7374", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-08T14:44:51", "description": "The resv_map_release function in mm/hugetlb.c in the Linux kernel through\n4.15.7 allows local users to cause a denial of service (BUG) via a crafted\napplication that makes mmap system calls and has a large pgoff argument to\nthe remap_file_pages system call.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[sbeattie](<https://launchpad.net/~sbeattie>) | 045c7a3f tried to catch issues like this, but missed this case. ff8c0c53c475 and 045c7a3f may also be needed for older releases\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-03-07T00:00:00", "type": "ubuntucve", "title": "CVE-2018-7740", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7740"], "modified": "2018-03-07T00:00:00", "id": "UB:CVE-2018-7740", "href": "https://ubuntu.com/security/CVE-2018-7740", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-07T14:42:51", "description": "mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages,\nwhich allows local users to gain privileges or cause a denial of service\n(page tainting) via a crafted application that triggers writing to page\nzero.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1580370>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-10-16T00:00:00", "type": "ubuntucve", "title": "CVE-2015-3288", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3288"], "modified": "2016-10-16T00:00:00", "id": "UB:CVE-2015-3288", "href": "https://ubuntu.com/security/CVE-2015-3288", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-06T14:01:26", "description": "The Serial Attached SCSI (SAS) implementation in the Linux kernel through\n4.15.9 mishandles a mutex within libsas, which allows local users to cause\na denial of service (deadlock) by triggering certain error-handling code.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-03-15T00:00:00", "type": "ubuntucve", "title": "CVE-2017-18232", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-18232"], "modified": "2018-03-15T00:00:00", "id": "UB:CVE-2017-18232", "href": "https://ubuntu.com/security/CVE-2017-18232", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-08T15:17:43", "description": "The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel\nthrough 4.3.3 attempts to merge distinct setattr operations, which allows\nlocal users to bypass intended access restrictions and modify the\nattributes of arbitrary overlay files via a crafted application.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=1291329>\n * <https://launchpad.net/bugs/1528904>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support \n[sbeattie](<https://launchpad.net/~sbeattie>) | kernel 3.16 and older not affected\n", "cvss3": {"exploitabilityScore": 0.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 6.7, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2015-12-28T00:00:00", "type": "ubuntucve", "title": "CVE-2015-8660", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8660"], "modified": "2015-12-28T00:00:00", "id": "UB:CVE-2015-8660", "href": "https://ubuntu.com/security/CVE-2015-8660", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-08T15:11:39", "description": "The snd_compress_check_input function in sound/core/compress_offload.c in\nthe ALSA subsystem in the Linux kernel before 3.17 does not properly check\nfor an integer overflow, which allows local users to cause a denial of\nservice (insufficient memory allocation) or possibly have unspecified other\nimpact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-06-27T00:00:00", "type": "ubuntucve", "title": "CVE-2014-9904", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9904"], "modified": "2016-06-27T00:00:00", "id": "UB:CVE-2014-9904", "href": "https://ubuntu.com/security/CVE-2014-9904", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-04T14:15:40", "description": "The tcp_check_send_head function in include/net/tcp.h in the Linux kernel\nbefore 4.7.5 does not properly maintain certain SACK state after a failed\ndata copy, which allows local users to cause a denial of service\n(tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted\nSACK option.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-08-18T00:00:00", "type": "ubuntucve", "title": "CVE-2016-6828", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6828"], "modified": "2016-08-18T00:00:00", "id": "UB:CVE-2016-6828", "href": "https://ubuntu.com/security/CVE-2016-6828", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-08T14:34:26", "description": "An issue was discovered in the Linux kernel before 4.19.9. The USB\nsubsystem mishandles size checks during the reading of an extra descriptor,\nrelated to __usb_get_extra_descriptor in drivers/usb/core/usb.c.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | This issue requires physical access and, therefore, is being rated as a low priority issue\n", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.8, "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-12-17T00:00:00", "type": "ubuntucve", "title": "CVE-2018-20169", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20169"], "modified": "2018-12-17T00:00:00", "id": "UB:CVE-2018-20169", "href": "https://ubuntu.com/security/CVE-2018-20169", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-08T14:48:28", "description": "The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of\npmd_mkdirty() in the touch_pmd() function inside the THP implementation.\ntouch_pmd() can be reached by get_user_pages(). In such case, the pmd will\nbecome dirty. This scenario breaks the new can_follow_write_pmd()'s logic -\npmd can become dirty without going through a COW cycle. This bug is not as\nsevere as the original \"Dirty cow\" because an ext4 file (or any other\nregular file) cannot be mapped using THP. Nevertheless, it does allow us to\noverwrite read-only huge pages. For example, the zero huge page and sealed\nshmem files can be overwritten (since their mapping can be populated using\nTHP). Note that after the first write page-fault to the zero page, it will\nbe replaced with a new fresh (and zeroed) thp.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[smb](<https://launchpad.net/~smb>) | Added introducing commit as suggested by RH. We backported that into Trusty and later but not into Precise.\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-11-30T00:00:00", "type": "ubuntucve", "title": "CVE-2017-1000405", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000405"], "modified": "2017-11-30T00:00:00", "id": "UB:CVE-2017-1000405", "href": "https://ubuntu.com/security/CVE-2017-1000405", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-08T15:31:47", "description": "** DISPUTED ** Multiple integer overflows in the lzo1x_decompress_safe\nfunction in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the\nLinux kernel before 3.15.2 allow context-dependent attackers to cause a\ndenial of service (memory corruption) via a crafted Literal Run. NOTE: the\nauthor of the LZO algorithms says \"the Linux kernel is *not* affected;\nmedia hype.\"\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1335313>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels \n[jj](<https://launchpad.net/~jj>) | 206a81c18401c0cde6e579164f752c4b147324ce original commit was incomplete reverted by af958a38a60c7ca3d8a39c918c1baa2ff7b6b233 and replaced by 72cf90124e87d975d0b2114d930808c58b4c05e4, cause of -2 USN update\n", "cvss3": {}, "published": "2014-07-03T00:00:00", "type": "ubuntucve", "title": "CVE-2014-4608", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-4608"], "modified": "2014-07-03T00:00:00", "id": "UB:CVE-2014-4608", "href": "https://ubuntu.com/security/CVE-2014-4608", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-08T15:31:04", "description": "arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390\nplatform does not properly restrict address-space control operations in\nPTRACE_POKEUSR_AREA requests, which allows local users to obtain read and\nwrite access to kernel memory locations, and consequently gain privileges,\nvia a crafted application that makes a ptrace system call.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3534>\n * <https://launchpad.net/bugs/1453216>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels\n", "cvss3": {}, "published": "2014-08-01T00:00:00", "type": "ubuntucve", "title": "CVE-2014-3534", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3534"], "modified": "2014-08-01T00:00:00", "id": "UB:CVE-2014-3534", "href": "https://ubuntu.com/security/CVE-2014-3534", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-04T14:18:39", "description": "The usbip_recv_xbuff function in drivers/usb/usbip/usbip_common.c in the\nLinux kernel before 4.5.3 allows remote attackers to cause a denial of\nservice (out-of-bounds write) or possibly have unspecified other impact via\na crafted length value in a USB/IP packet.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1572666>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support \n[sbeattie](<https://launchpad.net/~sbeattie>) | driver moved from staging in 3.17\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-04-20T00:00:00", "type": "ubuntucve", "title": "CVE-2016-3955", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3955"], "modified": "2016-04-20T00:00:00", "id": "UB:CVE-2016-3955", "href": "https://ubuntu.com/security/CVE-2016-3955", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-08T15:29:58", "description": "The report_fixup functions in the HID subsystem in the Linux kernel before\n3.16.2 might allow physically proximate attackers to cause a denial of\nservice (out-of-bounds write) via a crafted device that provides a small\nreport descriptor, related to (1) drivers/hid/hid-cherry.c, (2)\ndrivers/hid/hid-kye.c, (3) drivers/hid/hid-lg.c, (4)\ndrivers/hid/hid-monterey.c, (5) drivers/hid/hid-petalynx.c, and (6)\ndrivers/hid/hid-sunplus.c.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1370035>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {}, "published": "2014-09-28T00:00:00", "type": "ubuntucve", "title": "CVE-2014-3184", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3184"], "modified": "2014-09-28T00:00:00", "id": "UB:CVE-2014-3184", "href": "https://ubuntu.com/security/CVE-2014-3184", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-06T14:04:28", "description": "net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require\nthe CAP_NET_ADMIN capability for add_callback and remove_callback\noperations, which allows local users to bypass intended access restrictions\nbecause the xt_osf_fingers data structure is shared across all net\nnamespaces.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-12-06T00:00:00", "type": "ubuntucve", "title": "CVE-2017-17450", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-17450"], "modified": "2017-12-06T00:00:00", "id": "UB:CVE-2017-17450", "href": "https://ubuntu.com/security/CVE-2017-17450", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-08T14:38:28", "description": "The Linux kernel, versions 3.9+, is vulnerable to a denial of service\nattack with low rates of specially modified packets targeting IP fragment\nre-assembly. An attacker may cause a denial of service condition by sending\nspecially crafted IP fragments. Various vulnerabilities in IP fragmentation\nhave been discovered and fixed over the years. The current vulnerability\n(CVE-2018-5391) became exploitable in the Linux kernel with the increase of\nthe IP fragment reassembly queue size.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | CERT recommends reverting c2a936600f78aea00d3312ea4b66a79a4619f9b4\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-08-14T00:00:00", "type": "ubuntucve", "title": "CVE-2018-5391", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-5391"], "modified": "2018-08-14T00:00:00", "id": "UB:CVE-2018-5391", "href": "https://ubuntu.com/security/CVE-2018-5391", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-08T15:28:39", "description": "The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in\nthe Linux kernel before 3.18-rc2 does not properly handle invalid\ninstructions, which allows guest OS users to cause a denial of service\n(NULL pointer dereference and host OS crash) via a crafted application that\ntriggers (1) an improperly fetched instruction or (2) an instruction that\noccupies too many bytes. NOTE: this vulnerability exists because of an\nincomplete fix for CVE-2014-8480.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1386401>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {}, "published": "2014-11-10T00:00:00", "type": "ubuntucve", "title": "CVE-2014-8481", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-8480", "CVE-2014-8481"], "modified": "2014-11-10T00:00:00", "id": "UB:CVE-2014-8481", "href": "https://ubuntu.com/security/CVE-2014-8481", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-06-07T14:50:51", "description": "Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the\nLinux kernel before 4.3.3 allows local users to cause a denial of service\n(NULL pointer dereference and system crash) or possibly have unspecified\nother impact by using a socket that was not properly bound. NOTE: this\nvulnerability exists because of an incomplete fix for CVE-2015-6937.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1510805>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support \n[sbeattie](<https://launchpad.net/~sbeattie>) | denial of service through kernel NPE\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.8, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 4.7}, "published": "2015-12-28T00:00:00", "type": "ubuntucve", "title": "CVE-2015-7990", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 5.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 8.5, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-6937", "CVE-2015-7990"], "modified": "2015-12-28T00:00:00", "id": "UB:CVE-2015-7990", "href": "https://ubuntu.com/security/CVE-2015-7990", "cvss": {"score": 5.9, "vector": "AV:L/AC:M/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2023-06-07T14:53:51", "description": "The __rds_conn_create function in net/rds/connection.c in the Linux kernel\nthrough 4.2.3 allows local users to cause a denial of service (NULL pointer\ndereference and system crash) or possibly have unspecified other impact by\nusing a socket that was not properly bound.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1496232>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support \n[sbeattie](<https://launchpad.net/~sbeattie>) | fix is incomplete, see CVE-2015-7990\n", "cvss3": {}, "published": "2015-09-14T00:00:00", "type": "ubuntucve", "title": "CVE-2015-6937", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-6937", "CVE-2015-7990"], "modified": "2015-09-14T00:00:00", "id": "UB:CVE-2015-6937", "href": "https://ubuntu.com/security/CVE-2015-6937", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2018-04-24T00:46:58", "description": "The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.126 to receive\n various security and bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2018-1091: In the flush_tmregs_to_thread function in\n arch/powerpc/kernel/ptrace.c, a guest kernel crash can be triggered from\n unprivileged userspace during a core dump on a POWER host due to a\n missing processor feature check and an erroneous use of transactional\n memory (TM) instructions in the core dump path, leading to a denial of\n service (bnc#1087231).\n - CVE-2018-7740: The resv_map_release function in mm/hugetlb.c allowed\n local users to cause a denial of service (BUG) via a crafted application\n that made mmap system calls and has a large pgoff argument to the\n remap_file_pages system call (bnc#1084353).\n - CVE-2018-8043: The unimac_mdio_probe function in\n drivers/net/phy/mdio-bcm-unimac.c did not validate certain resource\n availability, which allowed local users to cause a denial of service\n (NULL pointer dereference) (bnc#1084829).\n - CVE-2017-18257: The __get_data_block function in fs/f2fs/data.c allowed\n local users to cause a denial of service (integer overflow and loop) via\n crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP\n ioctl. (bnc#1088241)\n - CVE-2018-8822: Incorrect buffer length handling in the ncp_read_kernel\n function in fs/ncpfs/ncplib_kernel.c could be exploited by malicious\n NCPFS servers to crash the kernel or execute code (bnc#1086162).\n\n\n The following non-security bugs were fixed:\n\n - acpica: Add header support for TPM2 table changes (bsc#1084452).\n - acpica

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1505)

Description

Related