Lucene search
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.NUTANIX_NXSA-AOS-5_10.NASLHistorySep 01, 2022 - 12:00 a.m.
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.10)
2022-09-0100:00:00
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
24
7.7 High
AI Score
Confidence
High
The version of AOS installed on the remote host is prior to 5.10. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.10 advisory.
-
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel’s KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer ‘struct kvm_coalesced_mmio’ object, wherein write indices ‘ring->first’ and ‘ring->last’ value could be supplied by a host user-space process. An unprivileged host user or process with access to ‘/dev/kvm’ device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system. (CVE-2019-14821)
-
In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting. Specifically, by adding to a write queue between disconnection and re-connection, a local attacker can trigger multiple use-after-free conditions. This can result in a kernel crash, or potentially in privilege escalation.
NOTE: this affects (for example) Linux distributions that use 4.9.x longterm kernels before 4.9.190 or 4.14.x longterm kernels before 4.14.139. (CVE-2019-15239)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(164558);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/06");
script_cve_id("CVE-2019-14821", "CVE-2019-15239");
script_name(english:"Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.10)");
script_set_attribute(attribute:"synopsis", value:
"The Nutanix AOS host is affected by multiple vulnerabilities .");
script_set_attribute(attribute:"description", value:
"The version of AOS installed on the remote host is prior to 5.10. It is, therefore, affected by multiple vulnerabilities
as referenced in the NXSA-AOS-5.10 advisory.
- An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux
kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer
'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be
supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm'
device could use this flaw to crash the host kernel, resulting in a denial of service or potentially
escalating privileges on the system. (CVE-2019-14821)
- In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12,
was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was
potentially more severe than the issue that was intended to be fixed by backporting. Specifically, by
adding to a write queue between disconnection and re-connection, a local attacker can trigger multiple
use-after-free conditions. This can result in a kernel crash, or potentially in privilege escalation.
NOTE: this affects (for example) Linux distributions that use 4.9.x longterm kernels before 4.9.190 or
4.14.x longterm kernels before 4.14.139. (CVE-2019-15239)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
# https://portal.nutanix.com/page/documents/security-advisories/release-advisories/details?id=NXSA-AOS-5.10
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?feeda9d8");
script_set_attribute(attribute:"solution", value:
"Update the Nutanix AOS software to recommended version.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-15239");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2019-14821");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/08/20");
script_set_attribute(attribute:"patch_publication_date", value:"2022/08/24");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/09/01");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:nutanix:aos");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("nutanix_collect.nasl");
script_require_keys("Host/Nutanix/Data/lts", "Host/Nutanix/Data/Service", "Host/Nutanix/Data/Version", "Host/Nutanix/Data/arch");
exit(0);
}
include('vcf.inc');
include('vcf_extras.inc');
var app_info = vcf::nutanix::get_app_info();
var constraints = [
{ 'fixed_version' : '5.10', 'product' : 'AOS', 'fixed_display' : 'Upgrade the AOS install to 5.10 or higher.', 'lts' : TRUE },
{ 'fixed_version' : '5.10', 'product' : 'NDFS', 'fixed_display' : 'Upgrade the AOS install to 5.10 or higher.', 'lts' : TRUE }
];
vcf::nutanix::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_HOLE
);
Related
nessus
nessus
RHEL 7 : kpatch-patch (RHSA-2020:0027)
2020-01-07 00:00:00
Oracle Linux 7 : kernel (ELSA-2019-3979)
2019-12-03 00:00:00
Scientific Linux Security Update : kernel on SL7.x x86_64 (20191205)
2019-12-09 00:00:00
redhat
redhat
(RHSA-2019:3978) Important: kernel-rt security and bug fix update
2019-11-26 10:38:35
(RHSA-2020:0027) Important: kpatch-patch security update
2020-01-06 13:41:14
(RHSA-2019:3979) Important: kernel security and bug fix update
2019-11-26 10:38:25
openvas
openvas
CentOS Update for bpftool CESA-2019:3979 centos7
2019-12-04 00:00:00
CentOS Update for kernel CESA-2019:4256 centos6
2020-01-08 00:00:00
Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2021-2856)
2021-12-31 00:00:00
centos
centos
bpftool, kernel, perf, python security update
2019-12-03 20:40:15
kernel, perf, python security update
2019-12-24 15:25:23
virtuozzo
virtuozzo
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2019-10-01 00:00:00
Unbreakable Enterprise kernel security update
2019-09-20 00:00:00
Unbreakable Enterprise kernel security update
2019-09-20 00:00:00
ubuntucve
ubuntucve
CVE-2019-15239
2019-08-20 00:00:00
CVE-2019-14821
2019-10-01 00:00:00
cve
cve
CVE-2019-15239
2019-08-20 08:15:00
CVE-2019-14821
2019-09-19 18:15:00
f5
f5
K55335001 : Linux kernel vulnerability CVE-2019-15239
2022-05-20 00:00:00
K59513013 : Linux kernel vulnerability CVE-2019-14821
2020-10-19 00:00:00
debiancve
debiancve
CVE-2019-15239
2019-08-20 08:15:00
CVE-2019-14821
2019-09-19 18:15:00
veracode
veracode
Privilege Escalation
2019-11-28 00:13:51
Privilege Escalation
2020-07-08 03:23:31
prion
prion
Design/Logic Flaw
2019-08-20 08:15:00
Design/Logic Flaw
2019-09-19 18:15:00
redhatcve
redhatcve
CVE-2019-15239
2020-04-04 05:36:17
CVE-2019-14821
2020-04-09 10:11:56
fedora
fedora
[SECURITY] Fedora 30 Update: kernel-headers-5.2.16-200.fc30
2019-09-24 01:09:44
[SECURITY] Fedora 29 Update: kernel-headers-5.2.17-100.fc29
2019-10-02 01:42:27
[SECURITY] Fedora 29 Update: kernel-tools-5.2.17-100.fc29
2019-10-02 01:42:27
amazon
amazon
Important: kernel
2019-09-25 23:01:00
Important: kernel
2019-09-25 22:59:00
ibm
ibm
suse
suse
Security update for the Linux Kernel (important)
2019-10-10 00:00:00
Security update for the Linux Kernel (important)
2019-10-10 00:00:00
Security update for the Linux Kernel (important)
2019-09-24 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2019-09-21 19:04:55
Updated kernel packages fix security vulnerabilities
2019-09-21 19:04:55
Updated kernel-linus packages fix security vulnerabilities
2019-11-20 00:16:53
osv
osv
linux-4.9 - security update
2019-09-30 00:00:00
linux - security update
2019-09-25 00:00:00
linux - security update
2019-08-13 00:00:00
debian
debian
[SECURITY] [DSA 4531-1] linux security update
2019-09-25 04:04:13
[SECURITY] [DLA 1940-1] linux-4.9 security update
2019-10-01 13:56:02
[SECURITY] [DSA 4531-1] linux security update
2019-09-25 04:04:13
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2019-2.0-0189
2019-11-15 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2019-2.0-0175
2019-09-10 00:00:00
Critical Photon OS Security Update - PHSA-2019-0175
2019-09-03 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2019-10-17 00:00:00
Linux kernel (HWE) vulnerabilities
2019-10-22 00:00:00
Linux kernel vulnerabilities
2019-10-22 00:00:00
cloudfoundry
cloudfoundry
USN-4162-1: Linux kernel vulnerabilities | Cloud Foundry
2019-11-06 00:00:00
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2019-11-07 22:31:40