Lucene search
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.FEDORA_2019-7A3FC17778.NASLHistoryNov 14, 2019 - 12:00 a.m.
Fedora 29 : 2:microcode_ctl / kernel / kernel-headers / kernel-tools (2019-7a3fc17778)
2019-11-1400:00:00
This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
36
7.1 High
AI Score
Confidence
Low
The 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12.
The 5.3.9 update contains a number of important fixes across the tree
Update to upstream 2.1-22. 20190618
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2019-7a3fc17778.
#
include('compat.inc');
if (description)
{
script_id(130989);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/11");
script_cve_id(
"CVE-2018-12207",
"CVE-2019-0117",
"CVE-2019-0154",
"CVE-2019-0155",
"CVE-2019-11135",
"CVE-2019-11139"
);
script_xref(name:"FEDORA", value:"2019-7a3fc17778");
script_name(english:"Fedora 29 : 2:microcode_ctl / kernel / kernel-headers / kernel-tools (2019-7a3fc17778)");
script_set_attribute(attribute:"synopsis", value:
"The remote Fedora host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The 5.3.11 stable kernel update contains a number of important
security updates across the tree, including mitigations for the most
recent hardware issues disclosed on Nov 12.
----
The 5.3.9 update contains a number of important fixes across the tree
----
Update to upstream 2.1-22. 20190618
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2019-7a3fc17778");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-0155");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/11/14");
script_set_attribute(attribute:"patch_publication_date", value:"2019/11/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/11/14");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:2:microcode_ctl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kernel-tools");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:29");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Fedora Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
include("ksplice.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! preg(pattern:"^29([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 29", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
if (get_one_kb_item("Host/ksplice/kernel-cves"))
{
rm_kb_item(name:"Host/uptrack-uname-r");
cve_list = make_list("CVE-2018-12207", "CVE-2019-0117", "CVE-2019-0154", "CVE-2019-0155", "CVE-2019-11135", "CVE-2019-11139");
if (ksplice_cves_check(cve_list))
{
audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for FEDORA-2019-7a3fc17778");
}
else
{
__rpm_report = ksplice_reporting_text();
}
}
flag = 0;
if (rpm_check(release:"FC29", reference:"microcode_ctl-2.1-33.fc29", epoch:"2")) flag++;
if (rpm_check(release:"FC29", reference:"kernel-5.3.11-100.fc29")) flag++;
if (rpm_check(release:"FC29", reference:"kernel-headers-5.3.11-100.fc29")) flag++;
if (rpm_check(release:"FC29", reference:"kernel-tools-5.3.11-100.fc29")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "2:microcode_ctl / kernel / kernel-headers / kernel-tools");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fedoraproject | fedora | 2 | p-cpe:/a:fedoraproject:fedora:2:microcode_ctl |
| fedoraproject | fedora | kernel | p-cpe:/a:fedoraproject:fedora:kernel |
| fedoraproject | fedora | kernel-headers | p-cpe:/a:fedoraproject:fedora:kernel-headers |
| fedoraproject | fedora | kernel-tools | p-cpe:/a:fedoraproject:fedora:kernel-tools |
| fedoraproject | fedora | 29 | cpe:/o:fedoraproject:fedora:29 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12207
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0117
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0154
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0155
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11135
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11139
bodhi.fedoraproject.org/updates/FEDORA-2019-7a3fc17778
Related
nessus
nessus
Fedora 31 : 2:microcode_ctl / kernel / kernel-headers / kernel-tools (2019-68d7f68507)
2019-11-13 00:00:00
Fedora 30 : 2:microcode_ctl / kernel / kernel-headers / kernel-tools (2019-1689d3fe07)
2019-11-13 00:00:00
RHEL 7 : kernel (RHSA-2019:3841)
2019-11-13 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: microcode_ctl-2.1-33.fc29
2019-11-13 06:47:36
[SECURITY] Fedora 31 Update: kernel-tools-5.3.11-300.fc31
2019-11-13 06:36:35
[SECURITY] Fedora 29 Update: kernel-headers-5.3.11-100.fc29
2019-11-13 06:47:35
openvas
openvas
Fedora Update for kernel-tools FEDORA-2019-7a3fc17778
2019-11-14 00:00:00
Fedora Update for microcode_ctl FEDORA-2019-68d7f68507
2020-01-09 00:00:00
Fedora Update for kernel-headers FEDORA-2019-7a3fc17778
2019-11-14 00:00:00
mageia
mageia
Updated microcode packages fix security vulnerabilities
2019-11-20 00:16:53
Updated microcode packages fix security vulnerabilities
2019-12-26 01:57:53
Updated kernel packages fix security vulnerabilities
2019-11-20 00:16:53
osv
osv
linux - security update
2019-11-12 00:00:00
linux-4.9 - security update
2019-11-12 00:00:00
intel-microcode - security update
2019-11-13 00:00:00
oraclelinux
oraclelinux
kernel security update
2019-11-14 00:00:00
kernel security update
2019-11-14 00:00:00
kernel security update
2019-11-22 00:00:00
redhat
redhat
(RHSA-2019:3841) Important: kernel security update
2019-11-12 19:44:24
(RHSA-2019:3840) Important: kernel security update
2019-11-12 19:36:13
(RHSA-2019:3832) Important: kernel security update
2019-11-12 18:22:16
archlinux
archlinux
[ASA-201911-14] intel-ucode: multiple issues
2019-11-13 00:00:00
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2019-11-16 20:57:46
centos
centos
bpftool, kernel, perf, python security update
2019-11-14 19:41:10
kernel, perf, python security update
2019-11-14 01:19:32
virtuozzo
virtuozzo
ubuntu
ubuntu
Intel Microcode update
2019-11-12 00:00:00
Intel Microcode update
2019-11-12 00:00:00
Intel Microcode regression
2019-12-04 00:00:00
debian
debian
[SECURITY] [DLA 2051-1] intel-microcode security update
2019-12-30 22:33:18
[SECURITY] [DSA 4565-2] intel-microcode security update
2019-12-13 20:15:51
[SECURITY] [DSA 4565-1] intel-microcode security update
2019-11-13 06:05:34
suse
suse
Security update for ucode-intel (important)
2019-11-14 00:00:00
Security update for ucode-intel (important)
2019-11-18 00:00:00
Security update for ucode-intel (important)
2019-11-18 00:00:00
cloudfoundry
cloudfoundry
USN-4182-1: Intel Microcode update | Cloud Foundry
2019-11-21 00:00:00
USN-4182-3: Intel Microcode regression | Cloud Foundry
2019-12-18 00:00:00
USN-4185-1: Linux kernel vulnerabilities | Cloud Foundry
2019-11-21 00:00:00
amazon
amazon
Medium: microcode_ctl, kernel
2019-11-14 20:01:00
Medium: microcode_ctl, kernel
2019-11-14 20:06:00
vmware
vmware
citrix
citrix
Citrix Hypervisor Security Update
2019-11-12 05:00:00
f5
f5
K73659122 : GPU vulnerabilities CVE-2019-0154 and CVE-2019-0155
2019-11-20 00:00:00
mskb
mskb
November 12, 2019—KB4525245 (OS Build 15063.2172)
2019-11-12 00:00:00
cve
cve
CVE-2019-11139
2019-11-14 19:15:00
debiancve
debiancve
CVE-2019-11139
2019-11-14 19:15:00