Lucene search

K
nessusThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.OPENSUSE-2020-1379.NASL
HistorySep 09, 2020 - 12:00 a.m.

openSUSE Security Update : the Linux Kernel (openSUSE-2020-1379)

2020-09-0900:00:00
This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13

The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed :

  • CVE-2020-14386: Fixed an overflow in tpacket_rcv in af_packet that could lead to a local privilege escalation ( bsc#1176069).

The following non-security bugs were fixed :

  • bonding: check error value of register_netdevice() immediately (git-fixes).

  • bonding: check return value of register_netdevice() in bond_newlink() (git-fixes).

  • hippi: Fix a size used in a ‘pci_free_consistent()’ in an error handling path (git-fixes).

  • mlx4: disable device on shutdown (git-fixes).

  • mlxsw: core: Free EMAD transactions using kfree_rcu() (git-fixes).

  • mlxsw: core: Increase scope of RCU read-side critical section (git-fixes).

  • mm, vmstat: reduce zone->lock holding time by /proc/pagetypeinfo (bsc#1175691).

  • net/mlx5: Fix a bug of using ptp channel index as pin index (git-fixes).

  • net/mlx5e: Fix error path of device attach (git-fixes).

  • net: dp83640: fix SIOCSHWTSTAMP to update the struct with actual configuration (git-fixes).

  • net: smc91x: Fix possible memory leak in smc_drv_probe() (git-fixes).

  • sched/deadline: Initialize ->dl_boosted (bsc#1112178).

  • scsi: lpfc: Add and rename a whole bunch of function parameter descriptions (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Add description for lpfc_release_rpi()'s 'ndlpl param (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Add missing misc_deregister() for lpfc_init() (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Ensure variable has the same stipulations as code using it (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Fix FCoE speed reporting (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Fix LUN loss after cable pull (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Fix RSCN timeout due to incorrect gidft counter (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Fix a bunch of kerneldoc misdemeanors (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Fix kerneldoc parameter formatting/misnaming/missing issues (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Fix no message shown for lpfc_hdw_queue out of range value (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Fix oops when unloading driver while running mds diags (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Fix retry of PRLI when status indicates its unsupported (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Fix some function parameter descriptions (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Fix typo in comment for ULP (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Fix validation of bsg reply lengths (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Fix-up around 120 documentation issues (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Fix-up formatting/docrot where appropriate (bsc#1171558 bsc#1136666).

  • scsi: lpfc: NVMe remote port devloss_tmo from lldd (bsc#1171558 bsc#1136666 bsc#1173060).

  • scsi: lpfc: Provide description for lpfc_mem_alloc()'s ‘align’ param (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Quieten some printks (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Remove unused variable ‘pg_addr’ (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Update lpfc version to 12.8.0.3 (bsc#1171558 bsc#1136666).

  • scsi: lpfc: Use __printf() format notation (bsc#1171558 bsc#1136666).

  • scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport (bsc#1171558 bsc#1136666).

  • vxlan: Ensure FDB dump is performed under RCU (git-fixes).

  • x86/mce/inject: Fix a wrong assignment of i_mce.status (bsc#1112178).

  • x86/unwind/orc: Fix ORC for newly forked tasks (bsc#1058115).

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2020-1379.
#
# The text description of this plugin is (C) SUSE LLC.
#

include("compat.inc");

if (description)
{
  script_id(140442);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/09/29");

  script_cve_id("CVE-2020-14386");

  script_name(english:"openSUSE Security Update : the Linux Kernel (openSUSE-2020-1379)");
  script_summary(english:"Check for the openSUSE-2020-1379 patch");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description",
    value:
"The openSUSE Leap 15.1 kernel was updated to receive various security
and bugfixes.

The following security bugs were fixed :

  - CVE-2020-14386: Fixed an overflow in tpacket_rcv in
    af_packet that could lead to a local privilege
    escalation ( bsc#1176069).

The following non-security bugs were fixed :

  - bonding: check error value of register_netdevice()
    immediately (git-fixes).

  - bonding: check return value of register_netdevice() in
    bond_newlink() (git-fixes).

  - hippi: Fix a size used in a 'pci_free_consistent()' in
    an error handling path (git-fixes).

  - mlx4: disable device on shutdown (git-fixes).

  - mlxsw: core: Free EMAD transactions using kfree_rcu()
    (git-fixes).

  - mlxsw: core: Increase scope of RCU read-side critical
    section (git-fixes).

  - mm, vmstat: reduce zone->lock holding time by
    /proc/pagetypeinfo (bsc#1175691).

  - net/mlx5: Fix a bug of using ptp channel index as pin
    index (git-fixes).

  - net/mlx5e: Fix error path of device attach (git-fixes).

  - net: dp83640: fix SIOCSHWTSTAMP to update the struct
    with actual configuration (git-fixes).

  - net: smc91x: Fix possible memory leak in smc_drv_probe()
    (git-fixes).

  - sched/deadline: Initialize ->dl_boosted (bsc#1112178).

  - scsi: lpfc: Add and rename a whole bunch of function
    parameter descriptions (bsc#1171558 bsc#1136666).

  - scsi: lpfc: Add description for lpfc_release_rpi()'s
    'ndlpl param (bsc#1171558 bsc#1136666).

  - scsi: lpfc: Add missing misc_deregister() for
    lpfc_init() (bsc#1171558 bsc#1136666).

  - scsi: lpfc: Ensure variable has the same stipulations as
    code using it (bsc#1171558 bsc#1136666).

  - scsi: lpfc: Fix FCoE speed reporting (bsc#1171558
    bsc#1136666).

  - scsi: lpfc: Fix LUN loss after cable pull (bsc#1171558
    bsc#1136666).

  - scsi: lpfc: Fix RSCN timeout due to incorrect gidft
    counter (bsc#1171558 bsc#1136666).

  - scsi: lpfc: Fix a bunch of kerneldoc misdemeanors
    (bsc#1171558 bsc#1136666).

  - scsi: lpfc: Fix kerneldoc parameter
    formatting/misnaming/missing issues (bsc#1171558
    bsc#1136666).

  - scsi: lpfc: Fix no message shown for lpfc_hdw_queue out
    of range value (bsc#1171558 bsc#1136666).

  - scsi: lpfc: Fix oops when unloading driver while running
    mds diags (bsc#1171558 bsc#1136666).

  - scsi: lpfc: Fix retry of PRLI when status indicates its
    unsupported (bsc#1171558 bsc#1136666).

  - scsi: lpfc: Fix some function parameter descriptions
    (bsc#1171558 bsc#1136666).

  - scsi: lpfc: Fix typo in comment for ULP (bsc#1171558
    bsc#1136666).

  - scsi: lpfc: Fix validation of bsg reply lengths
    (bsc#1171558 bsc#1136666).

  - scsi: lpfc: Fix-up around 120 documentation issues
    (bsc#1171558 bsc#1136666).

  - scsi: lpfc: Fix-up formatting/docrot where appropriate
    (bsc#1171558 bsc#1136666).

  - scsi: lpfc: NVMe remote port devloss_tmo from lldd
    (bsc#1171558 bsc#1136666 bsc#1173060).

  - scsi: lpfc: Provide description for lpfc_mem_alloc()'s
    'align' param (bsc#1171558 bsc#1136666).

  - scsi: lpfc: Quieten some printks (bsc#1171558
    bsc#1136666).

  - scsi: lpfc: Remove unused variable 'pg_addr'
    (bsc#1171558 bsc#1136666).

  - scsi: lpfc: Update lpfc version to 12.8.0.3 (bsc#1171558
    bsc#1136666).

  - scsi: lpfc: Use __printf() format notation (bsc#1171558
    bsc#1136666).

  - scsi: lpfc: nvmet: Avoid hang / use-after-free again
    when destroying targetport (bsc#1171558 bsc#1136666).

  - vxlan: Ensure FDB dump is performed under RCU
    (git-fixes).

  - x86/mce/inject: Fix a wrong assignment of i_mce.status
    (bsc#1112178).

  - x86/unwind/orc: Fix ORC for newly forked tasks
    (bsc#1058115)."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1058115"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1112178"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1136666"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1171558"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1173060"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1175691"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1176069"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Update the affected the Linux Kernel packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-14386");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-docs-html");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-kvmsmall");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-kvmsmall-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-kvmsmall-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-kvmsmall-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-kvmsmall-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-kvmsmall-devel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-macros");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-obs-build");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-obs-qa");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-source-vanilla");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-syms");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/09/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/09/07");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/09/09");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE15.1", reference:"kernel-debug-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-debug-base-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-debug-base-debuginfo-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-debug-debuginfo-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-debug-debugsource-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-debug-devel-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-debug-devel-debuginfo-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-default-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-default-base-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-default-base-debuginfo-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-default-debuginfo-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-default-debugsource-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-default-devel-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-default-devel-debuginfo-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-devel-4.12.14-lp151.28.67.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-docs-html-4.12.14-lp151.28.67.3") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-kvmsmall-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-kvmsmall-base-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-kvmsmall-base-debuginfo-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-kvmsmall-debuginfo-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-kvmsmall-debugsource-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-kvmsmall-devel-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-kvmsmall-devel-debuginfo-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-macros-4.12.14-lp151.28.67.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-obs-build-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-obs-build-debugsource-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-obs-qa-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-source-4.12.14-lp151.28.67.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-source-vanilla-4.12.14-lp151.28.67.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-syms-4.12.14-lp151.28.67.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-vanilla-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-vanilla-base-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-vanilla-base-debuginfo-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-vanilla-debuginfo-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-vanilla-debugsource-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-vanilla-devel-4.12.14-lp151.28.67.2") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"kernel-vanilla-devel-debuginfo-4.12.14-lp151.28.67.2") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel-debug / kernel-debug-base / kernel-debug-base-debuginfo / etc");
}