Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.EULEROS_SA-2020-2549.NASL
HistoryDec 15, 2020 - 12:00 a.m.

EulerOS 2.0 SP5 : kernel (EulerOS-SA-2020-2549)

2020-12-1500:00:00
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0

Percentile

14.2%

JSON

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  • The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system:
    memory allocation, process allocation, device input and output, etc.Security Fix(es):A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory. This read allocates kernel memory and is not accounted for a user that triggers the creation of that ZRAM device.
    With this vulnerability, continually reading the device may consume a large amount of system memory and cause the Out-of-Memory (OOM) killer to activate and terminate random userspace processes, possibly making the system inoperable.(CVE-2020-10781)The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe.(CVE-2020-25284)A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system availability.(CVE-2020-14314)A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.(CVE-2020-14386)A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.(CVE-2020-25285)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(144244);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/01");

  script_cve_id(
    "CVE-2020-10781",
    "CVE-2020-14314",
    "CVE-2020-14386",
    "CVE-2020-25284",
    "CVE-2020-25285"
  );

  script_name(english:"EulerOS 2.0 SP5 : kernel (EulerOS-SA-2020-2549)");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the kernel packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :

  - The kernel package contains the Linux kernel (vmlinuz),
    the core of any Linux operating system. The kernel
    handles the basic functions of the operating system:
    memory allocation, process allocation, device input and
    output, etc.Security Fix(es):A flaw was found in the
    Linux Kernel before 5.8-rc6 in the ZRAM kernel module,
    where a user with a local account and the ability to
    read the /sys/class/zram-control/hot_add file can
    create ZRAM device nodes in the /dev/ directory. This
    read allocates kernel memory and is not accounted for a
    user that triggers the creation of that ZRAM device.
    With this vulnerability, continually reading the device
    may consume a large amount of system memory and cause
    the Out-of-Memory (OOM) killer to activate and
    terminate random userspace processes, possibly making
    the system inoperable.(CVE-2020-10781)The rbd block
    device driver in drivers/block/rbd.c in the Linux
    kernel through 5.8.9 used incomplete permission
    checking for access to rbd devices, which could be
    leveraged by local attackers to map or unmap rbd block
    devices, aka CID-f44d04e696fe.(CVE-2020-25284)A memory
    out-of-bounds read flaw was found in the Linux kernel
    before 5.9-rc2 with the ext3/ext4 file system, in the
    way it accesses a directory with broken indexing. This
    flaw allows a local user to crash the system if the
    directory exists. The highest threat from this
    vulnerability is to system
    availability.(CVE-2020-14314)A flaw was found in the
    Linux kernel before 5.9-rc4. Memory corruption can be
    exploited to gain root privileges from unprivileged
    processes. The highest threat from this vulnerability
    is to data confidentiality and
    integrity.(CVE-2020-14386)A race condition between
    hugetlb sysctl handlers in mm/hugetlb.c in the Linux
    kernel before 5.8.8 could be used by local attackers to
    corrupt memory, cause a NULL pointer dereference, or
    possibly have unspecified other impact, aka
    CID-17743798d812.(CVE-2020-25285)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2549
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?78c0e5a2");
  script_set_attribute(attribute:"solution", value:
"Update the affected kernel packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-14386");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"patch_publication_date", value:"2020/12/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/12/15");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:kernel-tools-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:perf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python-perf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");

sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(5)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP5");

uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP5", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i686 / x86_64", cpu);

flag = 0;

pkgs = ["kernel-3.10.0-862.14.1.5.h483.eulerosv2r7",
        "kernel-devel-3.10.0-862.14.1.5.h483.eulerosv2r7",
        "kernel-headers-3.10.0-862.14.1.5.h483.eulerosv2r7",
        "kernel-tools-3.10.0-862.14.1.5.h483.eulerosv2r7",
        "kernel-tools-libs-3.10.0-862.14.1.5.h483.eulerosv2r7",
        "perf-3.10.0-862.14.1.5.h483.eulerosv2r7",
        "python-perf-3.10.0-862.14.1.5.h483.eulerosv2r7"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"5", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel");
}
VendorProductVersionCPE
huaweieuleroskernelp-cpe:/a:huawei:euleros:kernel
huaweieuleroskernel-develp-cpe:/a:huawei:euleros:kernel-devel
huaweieuleroskernel-headersp-cpe:/a:huawei:euleros:kernel-headers
huaweieuleroskernel-toolsp-cpe:/a:huawei:euleros:kernel-tools
huaweieuleroskernel-tools-libsp-cpe:/a:huawei:euleros:kernel-tools-libs
huaweieulerosperfp-cpe:/a:huawei:euleros:perf
huaweieulerospython-perfp-cpe:/a:huawei:euleros:python-perf
huaweieuleros2.0cpe:/o:huawei:euleros:2.0

Related

openvas 35
nessus 59
oraclelinux 6
suse 3
ubuntu 6
osv 7
nvd 5
ubuntucve 5
veracode 5
debiancve 5
cvelist 5
cbl_mariner 5
redhatcve 5
photon 10
prion 5
githubexploit 1
amazon 5
fedora 2
f5 2
cve 5
cloudfoundry 3
debian 3
ibm 3
redhat 6
mageia 2
almalinux 1
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-2549)
2020-12-15 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2020-2176)
2020-10-12 00:00:00
openSUSE: Security Advisory for the (openSUSE-SU-2020:1382-1)
2020-09-09 00:00:00
nessus
nessus
EulerOS 2.0 SP9 : kernel (EulerOS-SA-2020-2176)
2020-10-09 00:00:00
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2020-5884)
2020-10-12 00:00:00
openSUSE Security Update : the Linux Kernel (openSUSE-2020-1382)
2020-09-09 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2020-10-12 00:00:00
Unbreakable Enterprise kernel security update
2020-10-12 00:00:00
Unbreakable Enterprise kernel security update
2020-10-09 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2020-09-08 00:00:00
Security update for the Linux Kernel (important)
2020-09-08 00:00:00
Security update for the Linux Kernel (important)
2020-10-11 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2020-10-14 00:00:00
Linux kernel vulnerability
2020-09-08 00:00:00
Kernel Live Patch Security Notice
2020-09-10 00:00:00
osv
osv
linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon vulnerabilities
2020-10-14 02:12:10
linux, linux-aws, linux-aws-5.3, linux-aws-5.4, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-azure-5.4, linux-gcp, linux-gcp-4.15, linux-gcp-5.4, linux-gke-4.15, linux-gke-5.0, linux-gke-5.3, linux-hwe, linux-hwe-5.4, linux-kvm, linux-oem, linux-oem-osp1, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-raspi2, linux-raspi2-5.3, linux-snapdragon vulnerability
2020-09-08 07:20:05
linux-4.19 - security update
2020-09-26 00:00:00
nvd
nvd
CVE-2020-10781
2020-09-16 13:15:10
CVE-2020-25285
2020-09-13 18:15:09
CVE-2020-14386
2020-09-16 13:15:11
ubuntucve
ubuntucve
CVE-2020-10781
2020-06-18 00:00:00
CVE-2020-14386
2020-09-04 00:00:00
CVE-2020-25285
2020-09-13 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-09-21 06:21:15
Remote Code Execution (RCE)
2020-10-18 01:56:12
Privilege Escalation
2020-09-21 06:28:18
debiancve
debiancve
CVE-2020-10781
2020-09-16 13:15:10
CVE-2020-25285
2020-09-13 18:15:09
CVE-2020-14386
2020-09-16 13:15:11
cvelist
cvelist
CVE-2020-10781
2020-09-16 00:00:00
CVE-2020-14386
2020-09-16 12:48:12
CVE-2020-25285
2020-09-13 17:28:21
cbl_mariner
cbl_mariner
CVE-2020-10781 affecting package kernel 5.4.91-6
2021-03-03 03:44:27
CVE-2020-14386 affecting package kernel 5.4.91-6
2021-03-03 03:44:27
CVE-2020-25285 affecting package kernel 5.4.91-6
2021-03-03 03:44:27
redhatcve
redhatcve
CVE-2020-14386
2020-09-07 05:48:46
CVE-2020-10781
2020-06-17 09:25:04
CVE-2020-25285
2020-09-25 05:03:31
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0282
2020-09-12 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0323
2020-09-11 00:00:00
Important Photon OS Security Update - PHSA-2020-0140
2020-09-13 00:00:00
prion
prion
Race condition
2020-09-13 18:15:00
Hardcoded credentials
2020-09-16 13:15:00
Memory corruption
2020-09-16 13:15:00
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Linux Linux Kernel
2020-09-17 21:25:18
amazon
amazon
Important: kernel
2020-09-03 21:45:00
Important: kernel
2020-09-03 21:53:00
Important: kernel
2020-09-28 20:57:00
fedora
fedora
[SECURITY] Fedora 32 Update: kernel-5.8.7-200.fc32
2020-09-10 17:32:35
[SECURITY] Fedora 33 Update: kernel-5.8.7-300.fc33
2020-09-25 17:17:26
f5
f5
K58523450 : Linux kernel vulnerability CVE-2020-14386
2021-04-07 00:00:00
K67830124: Linux kernel ext3/ext4 file system vulnerability CVE-2020-14314
2021-03-10 00:00:00
cve
cve
CVE-2020-14386
2020-09-16 13:15:11
CVE-2020-10781
2020-09-16 13:15:10
CVE-2020-25285
2020-09-13 18:15:09
cloudfoundry
cloudfoundry
USN-4489-1: Linux kernel vulnerability | Cloud Foundry
2020-09-24 00:00:00
USN-4660-2: Linux kernel regression | Cloud Foundry
2021-02-10 00:00:00
USN-4660-1: Linux kernel vulnerabilities | Cloud Foundry
2021-01-12 00:00:00
debian
debian
[SECURITY] [DLA 2385-1] linux-4.19 security update
2020-09-28 13:31:21
[SECURITY] [DLA 2420-2] linux regression update
2020-10-31 16:14:20
[SECURITY] [DLA 2420-1] linux security update
2020-10-30 14:21:51
ibm
ibm
Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management
2020-10-21 16:15:24
Security Bulletin: IBM RackSwitch firmware products are affected by vulnerabilities in the Kernel
2023-12-07 22:45:08
Security Bulletin: IBM Flex System switch firmware products are affected by vulnerabilities in the Kernel
2023-12-07 22:45:07
redhat
redhat
(RHSA-2020:4331) Important: kpatch-patch security update
2020-10-26 11:00:46
(RHSA-2020:4332) Important: kpatch-patch security update
2020-10-26 11:00:50
(RHSA-2020:5199) Important: kernel security update
2020-11-24 09:49:27
mageia
mageia
Updated kernel and kernel-linus packages fix security vulnerabilities
2020-08-30 21:45:14
Updated kernel packages fix security vulnerabilities
2020-10-21 16:07:53
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2021-05-18 05:33:57

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0

Percentile

14.2%

JSON
Related for EULEROS_SA-2020-2549.NASL
openvas35nessus59oraclelinux6suse3ubuntu6osv7nvd5ubuntucve5veracode5debiancve5cvelist5cbl_mariner5redhatcve5photon10prion5githubexploit1amazon5fedora2f52cve5cloudfoundry3debian3ibm3redhat6mageia2almalinux1