Fedora 29 docker-latest 2019-f5b57646b7 resolves CVE-2018-20699, umounts procfs and sysf
Reporter | Title | Published | Views | Family All 53 |
---|---|---|---|---|
![]() | CVE-2018-20699 | 12 Jan 201902:29 | โ | debiancve |
![]() | Oracle Linux 7 : docker-engine (ELSA-2019-4598) | 3 May 202300:00 | โ | nessus |
![]() | Fedora 29 : 2:docker (2019-a034423db8) | 31 Jan 201900:00 | โ | nessus |
![]() | Fedora 28 : 2:docker (2019-901feba171) | 31 Jan 201900:00 | โ | nessus |
![]() | Oracle Linux 7 : docker-engine (ELSA-2019-4597) | 7 Sep 202300:00 | โ | nessus |
![]() | RHEL 7 : docker (RHSA-2019:0487) | 13 Mar 201900:00 | โ | nessus |
![]() | Fedora 28 : 2:docker-latest (2019-723711c645) | 31 Jan 201900:00 | โ | nessus |
![]() | NewStart CGSL CORE 5.04 / MAIN 5.04 : docker-ce Multiple Vulnerabilities (NS-SA-2020-0082) | 9 Dec 202000:00 | โ | nessus |
![]() | NewStart CGSL CORE 5.05 / MAIN 5.05 : docker-ce Multiple Vulnerabilities (NS-SA-2021-0138) | 27 Oct 202100:00 | โ | nessus |
![]() | Photon OS 5.0: Kapacitor PHSA-2023-5.0-0045 | 24 Jul 202400:00 | โ | nessus |
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory FEDORA-2019-f5b57646b7.
#
include('compat.inc');
if (description)
{
script_id(121493);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/25");
script_cve_id("CVE-2018-20699");
script_xref(name:"FEDORA", value:"2019-f5b57646b7");
script_name(english:"Fedora 29 : 2:docker-latest (2019-f5b57646b7)");
script_set_attribute(attribute:"synopsis", value:
"The remote Fedora host is missing a security update.");
script_set_attribute(attribute:"description", value:
"- Resolves: #1666565, #1667625 - CVE-2018-20699
- Resolves: #1663068, #1667626 - umount all procfs and
sysfs with --no-pivot
- built docker @projectatomic/docker-1.13.1 commit 1185cfd
- built docker-runc @projectatomic/docker-1.13.1 commit
e4ffe43
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues.");
script_set_attribute(attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2019-f5b57646b7");
script_set_attribute(attribute:"solution", value:
"Update the affected 2:docker-latest package.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-20699");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/12");
script_set_attribute(attribute:"patch_publication_date", value:"2019/01/31");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/31");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:2:docker-latest");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:29");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Fedora Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! preg(pattern:"^29([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 29", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC29", reference:"docker-latest-1.13.1-40.git1185cfd.fc29", epoch:"2")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "2:docker-latest");
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo